[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] [tor-dev] Porting Tor Browser to the BSDs

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] [tor-dev] Porting Tor Browser to the BSDs
From: Andreas Krey <a.krey@xxxxxx>
Date: Sun, 12 Apr 2015 08:47:35 +0200
Cc: libertas@xxxxxxxxxxx
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 12 Apr 2015 02:47:56 -0400
In-reply-to: <5529BA28.30909@xxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <54E36CA2.9040504@xxxxxxxxxxx> <5529BA28.30909@xxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mutt/1.4.2.1i

On Sat, 11 Apr 2015 17:19:52 +0000, Yuri wrote:
...
> There is no need to port TBB to BSD. Not worth of the effort. TBB is 
> unable to 100% separate tor and non-tor connections due to the network 
> stack architecture.

I'm not sure whether you're barking up the right tree.

> TBB users are typically recommended to disable 
> JavaScript, to disable Flash,

TBB comes without javascript.

> ... to not use any plugins and addons, etc.

This is (also) about fingerprinting issues. You're not
anonymous when your HTTP headers look different from
anybody else's.

> This doesn't sound like a very secure 
> system. The potential leaks (IP and DNS) are virtually unavoidable with TBB.

TBB is specific browser bundled with (lowercase) tor. The former
has some patches to avoid all kinds of information leakage.

> Security-by-isolation approach provides much better security in general, 
> because it relies on the small and simple code in the core of the 
> network tunnel.

Depending on what browser (or other tools) you use behind the
isolation you may be fully re-cognizable as the same person
(not identifyable) despite coming from random tor exit nodes.

> Whonix https://www.whonix.org is a very good solution available on all 
> BSDs today. For some reason it remains under-appreciated.

Tails also comes to mind.

Andreas

-- 
"Totally trivial. Famous last words."
From: Linus Torvalds <torvalds@*.org>
Date: Fri, 22 Jan 2010 07:29:21 -0800
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] [tor-dev] Porting Tor Browser to the BSDs
  - From: WhonixQubes

References:
- Re: [tor-talk] [tor-dev] Porting Tor Browser to the BSDs
  - From: Yuri

Prev by Author: [tor-talk] Interview Study on Anonymity and Peer Production
Next by Author: Re: [tor-talk] Clarification of Tor's involvement with DARPA's Memex
Previous by thread: Re: [tor-talk] [tor-dev] Porting Tor Browser to the BSDs
Next by thread: Re: [tor-talk] [tor-dev] Porting Tor Browser to the BSDs
Index(es):
- Author
- Thread