> On Sat, Jan 7, 2012 at 03:30, <h...@safe-mail.net> wrote: > > It's not recommend. And for cleartext http (not https) there will be now > > not one, but two servers who can log and tamper your cleartext traffic. > > So there is no principal difference from a security standpoint. > > > There is a paper where they explain the changes they made to Firefox. > > Can't find it, can you provide a reference?
Okay, my information might have been outdated. Many firefox patches have been already merged into the mainstream firefox branch. Not sure if all. https://blog.torproject.org/blog/toggle-or-not-toggle-end-torbutton https://www.torproject.org/torbutton/en/design/index.html.en https://trac.torproject.org/projects/tor/ticket/2871 https://blog.torproject.org/category/tags/firefox-updates At least this set of patches they applied seam still current.... https://blog.torproject.org/blog/new-tor-browser-bundles-5 But if you are interested in those patches then you'll have now hopefully a point to start. > > Indeed. But i think the Tor devs do not like that idea much. 1. because of > > mentioned earlier [1]. > > 2. because the list of Tor exit servers is available to the open public. > > That is good. See > > https://trac.torproject.org/projects/tor/wiki/doc/TorAbuseTemplates#CommentForumSpam > > There is nothing "good" about the list of Tor exist being available. > It's an unfortunate result of Tor's network design, and not something > that one could easily prevent in any type of anonymizing network, so > why not provide a list of exit nodes upfront? That prevents people > hogging the network with exit node scanners. You are right, good point. > > Now imagine the idea Tor + open proxy gets promoted because the devs > > encourage that with a new option like Tor + your personal extra proxy > > chain... That wouldn't give Tor more credibility as it would be even harder > > to stop abuse form it. > > Don't see why a Tor user should care about Tor's credibility in this scenario. I meant not the users but the exit servers and the developers. In any way, I shouldn't try to guess what other people might think. However, I do not think this feature is likely to come from one of the current developers. In the mailing list they stated that Tor + extra proxy isn't a good idea because it's bad for anonymity. That's why I deduct that this feature will not come, unless maybe someone sponsors a patch. Not many people and even less devs discuss this topic. _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
