[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Reducing java leakage in windows

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Reducing java leakage in windows
From: James Muir <jamuir@xxxxxxxxx>
Date: Mon, 03 Dec 2007 00:01:03 -0400
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Sun, 02 Dec 2007 23:01:36 -0500
In-reply-to: <4753014C.7000408@xxxxxxxxx>
References: <4753014C.7000408@xxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Thunderbird 2.0.0.6 (X11/20071022)

Arrakis wrote:

It appears that Java attacks for causing external IP data to be leaked
can be mitigated to some good degree. The upshot is that you can now run
Java applets that even when attempting to phone home directly (revealing
your IP), they are routed through the socks port and thus Tor or any
other socks speaking application. What we are doing is changing the
proxy settings of the Java Control Panel in windows.

Some time ago, I conducted several tests that demonstrated that JavaApplets have the ability to disregard proxy settings in the Java Controland open direct non-proxied connections. I do not think what you havedescribed will work.


-James

Follow-Ups:
- Re: Reducing java leakage in windows
  - From: Arrakis
- Re: Reducing java leakage in windows
  - From: Jacob Appelbaum

References:
- Reducing java leakage in windows
  - From: Arrakis

Prev by Author: Re: Reducing java leakage in windows
Next by Author: Re: Reducing java leakage in windows
Previous by thread: Re: Reducing java leakage in windows
Next by thread: Re: Reducing java leakage in windows
Index(es):
- Author
- Thread