Re: [tor-talk] Risk of selectively enabling JavaScript

2014-01-07 Thread Joe Btfsplk
>As TBB is a standard product, its fingerprint should be the same for everyone. Tell that to the guy that got arrested on campus, because he was one of a few people using it. People talk a good game in an armchair quarterback sort of way - "if he'd only..." Unless they're seasoned veterans at

Re: [tor-talk] Risk of selectively enabling JavaScript

2014-01-07 Thread Luther Blissett
On Tue, 2014-01-07 at 12:48 +0100, Gerardus Hendricks wrote: > > TBB enables JavaScript by default, presumably because many websites need > > JavaScript. NoScript can be used to selectively allow JavaScript from > > certain domains, but doing so could make it possible to fingerprint your > > Tor u

Re: [tor-talk] Risk of selectively enabling JavaScript

2014-01-07 Thread Gerardus Hendricks
On 1/7/14 9:49 PM, Mark McCarron wrote: That will be the end for Tor. Then I salute you sir!

Re: [tor-talk] Risk of selectively enabling JavaScript

2014-01-07 Thread tor
> However, IIRC, the amount of additional latency required > to make timing attacks non-trivial is far more than would be acceptable > to the typical user. I'd personally be happy to have more delays and slowdowns, if it was a feature that was making Tor's anonymity protection features more

Re: [tor-talk] Risk of selectively enabling JavaScript

2014-01-07 Thread Mark McCarron
> Point by point. > > > Javascript, by itself, is not an issue and poses no more of a security > > threat than any other type of data transferred online. Coding errors in > > image handling, html parsing, ftp, etc., can all be used to inject code. > > Note that (potential) privilege escalatio

Re: [tor-talk] Risk of selectively enabling JavaScript

2014-01-07 Thread Gerardus Hendricks
Point by point. Javascript, by itself, is not an issue and poses no more of a security threat than any other type of data transferred online. Coding errors in image handling, html parsing, ftp, etc., can all be used to inject code. Note that (potential) privilege escalation bugs are found w

Re: [tor-talk] Risk of selectively enabling JavaScript

2014-01-07 Thread Michael Wolf
On 1/7/2014 11:09 AM, Mark McCarron wrote: > We're not discussing censorship, but the removal of potential exploitable > data. It's not a keyword system, it removes cookies, web bugs, adds jitter to > timings, etc. It can be disabled with a click. > > Regards, > > Mark McCarron > Tor exit

Re: [tor-talk] Risk of selectively enabling JavaScript

2014-01-07 Thread Mark McCarron
paolucci.ca > To: tor-talk@lists.torproject.org > Subject: Re: [tor-talk] Risk of selectively enabling JavaScript > > You have to keep in mind it's a slippery slope of censoring the content > of users that use the Tor network. If we were to add an option for > filtering out Java

Re: [tor-talk] Risk of selectively enabling JavaScript

2014-01-07 Thread Andrew Paolucci
> From: a.k...@gmx.de >> To: tor-talk@lists.torproject.org >> Subject: Re: [tor-talk] Risk of selectively enabling JavaScript >> >> On Tue, 07 Jan 2014 12:58:49 +, Mark McCarron wrote: >> ... >>> The fact that TBB disables javascript is a testimony to how bad

Re: [tor-talk] Risk of selectively enabling JavaScript

2014-01-07 Thread Mark McCarron
connections. Regards, Mark McCarron > Date: Tue, 7 Jan 2014 15:00:41 +0100 > From: a.k...@gmx.de > To: tor-talk@lists.torproject.org > Subject: Re: [tor-talk] Risk of selectively enabling JavaScript > > On Tue, 07 Jan 2014 12:58:49 +, Mark McCarron wrote: > ... > >

Re: [tor-talk] Risk of selectively enabling JavaScript

2014-01-07 Thread Andreas Krey
On Tue, 07 Jan 2014 12:58:49 +, Mark McCarron wrote: ... > The fact that TBB disables javascript is a testimony to how bad the > javascript coders of Firefox are. Ex falso sequitur quodlibet. > I think there is a solid argument for adding filters to the exit nodes that > strip anything that

Re: [tor-talk] Risk of selectively enabling JavaScript

2014-01-07 Thread Mark McCarron
oject.org > Subject: Re: [tor-talk] Risk of selectively enabling JavaScript > > On 1/6/2014 12:39 PM, dhanlin wrote: > > TBB enables JavaScript by default, presumably because many websites need > > JavaScript. NoScript can be used to selectively allow JavaScript from > > certain

Re: [tor-talk] Risk of selectively enabling JavaScript

2014-01-07 Thread Gerardus Hendricks
TBB enables JavaScript by default, presumably because many websites need JavaScript. NoScript can be used to selectively allow JavaScript from certain domains, but doing so could make it possible to fingerprint your Tor use. Let us try to define what "fingerprinting Tor use" means exactly. It cl

Re: [tor-talk] Risk of selectively enabling JavaScript

2014-01-07 Thread Michael Wolf
On 1/6/2014 12:39 PM, dhanlin wrote: > TBB enables JavaScript by default, presumably because many websites need > JavaScript. NoScript can be used to selectively allow JavaScript from > certain domains, but doing so could make it possible to fingerprint your > Tor use. > > By my judgment, you are