another torbleed: http://stackoverflow.com/questions/391979/get-client-ip-using-just-javascript http://en.wikipedia.org/wiki/JavaScript#Security
2014-04-14 19:44 GMT+02:00 Randolph <rdohm...@gmail.com>: > > http://stackoverflow.com/questions/371875/local-file-access-with-javascript > > then firefox with javascript enabled is a torbleed. > > > 2014-04-14 15:46 GMT+02:00 Gerardus Hendricks <konfku...@riseup.net>: > > On 4/13/14 9:20 PM, Randolph wrote: >> >>> Anonymity is quite easily broken, if cookies cannot managed (e.g. like >>> in certain browsers) and if javascript is enabled. As far as we see, >>> Firefox in the Tor bundle disables javascript, right? >>> Javascript allows to access the local IP address and files, which host >>> the >>> local IP address. That`s why Tor and Javascript do not go together. >>> >> >> The Tor Browser Bundle does not disable Javascript by default. You can >> easily disable it by clicking the NoScript button at the left side of the >> address bar, and clicking 'Disallow all' (or something like that) >> >> Javascript doesn't reveal your "local IP address and files". >> -- >> tor-talk mailing list - tor-talk@lists.torproject.org >> To unsubscribe or change other settings go to >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk >> > > -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
