apt-transport-tor 0.2.1 should now be on your preferred unstable
Debian mirror. It will let you download Debian packages through Tor.
New in this release: support for HTTPS over Tor, to keep up with
I haven't mentioned it before on this blog. To get it working,
you need to "apt-get install apt-transport-tor", and then use
sources.list lines like so:
deb tor+http://http.debian.net/debian unstable main
Note the use of http.debian.net in order to pick a mirror near to
whichever Tor exit node. Throughput is surprisingly good.
On the TODO list: reproducible builds? It would be nice to have
some mirrors offer Tor hidden services, although I have yet to think
about the logistics of this, such as how the load could be balanced
(maybe a service like http.debian.net). I also need to look at how
cowbuilder etc. can be made to play nicely with Tor. And then Debian