PAC files are something close to our heart as they are the core of PacketFlagon.is but the point needs to be made that PAC files can be quite dangerous especially if served over plaintext and hosted somewhere that malicious actors can seize.
When we re-acquired https://Immunicity.org after the City of London Police seized it we found that 33,000 people were still using the PAC file. The Police could have been proxying their traffic and if a malware distributor had acquired the domain instead of us then that’s 33k botnet hosts for the taking.
We are working on a small GoLang based local HTTP server that can serve a PAC file tailored to the users threat model and would suggest that the MaidSafe launcher do something similar by having a simple http listener to serve the PAC file locally with differing PROXY / SOCKS statements.
E.g. we’ve published https://brasshorncommunications.uk/safe_proxy.pac for our members to use which will use the MaidSafe launcher for *.safenet and then attempt to use the standard Tor daemon SOCKS port (9050), failing that the Tor Browser Bundle SOCKS bind port (9150) and then finally the normal Internet connection (DIRECT).
function FindProxyForURL(url, host) {
if (shExpMatch(host, "*.safenet"))
return "PROXY localhost:8101";
return "SOCKS localhost:9050; SOCKS localhost:9150; DIRECT";
}
The MaidSafe Launcher served PAC could have a simple slider;
- SAFENet only
- SafeNet + Tor SOCKS
- SafeNet + Tor SOCKS (failback to DIRECT)
- SafeNet + DIRECT