Thus spake andrew@xxxxxxxxxxxxxx (andrew@xxxxxxxxxxxxxx): > On Fri, Feb 12, 2010 at 05:27:21AM -0500, twinkletoedturtle@xxxxxxxxxxxxx wrote 5.1K bytes in 106 lines about: > : This has already been discussed previously, I was moving on to ask if > : this feature could be added, not debated. > > The simple answer right now is no. There is exactly one person working > on torbutton. There is also one GSoC-student who has a degree to finish > and hacks on torbutton in their spare time. Giving users the ability to > partition themselves at will isn't something we want to do. > > Mike has already responded to this once, but it's his choice if he wants > to respond again. Right. This is a very strange and frustrating thread. In fact, at first I suspected it was just a troll looking to waste my time and energy... But to give Ms/Mr. Turtle the benefit of the doubt, here's the story, one last time: The other features of Torbutton that allow one to shoot themselves in the foot exist because they enable the functionality of plugins or other addons or allow the user to work around bugs. We are not in the habit of providing features that are demonstrably bad for anonymity for no reason, and I am certainly not going to give such work priority over much more important things such as improving the performance of the network as a whole (for ex, my latest work: http://archives.seul.org/or/dev/Jan-2010/msg00012.html). The answer is "Use UA Switcher to give yourself a unique ID if you want", and that's final. Hell, go ahead and write the SHA1 hash of your address and social security number in there if that turns you on. It still won't make you look one bit less like a Tor user, I can promise you that. Furthermore, if UA Switcher it had real malcode in it, it would have been found by now. It is an extremely simple and seldom-updated addon whose code is public and open source, and it has been tested to work just fine with Torbutton. I am committed to fixing any interoperability bugs that turn up with it or any other addons. If update authentication failure or a.m.o tampering is your real concern, perhaps someone in the community here can review and sign Chris Pederick's releases, and/or request that he sign them as well. That said, I do realize Torbutton's user agent string is in need of an update, but I've wanted to avoid doing that when there are actual privacy attacks that apply to the Torbutton versions before the switch. Perhaps the next release will update us to the latest Firefox 3.5 Windows release. -- Mike Perry Mad Computer Scientist fscked.org evil labs
Attachment:
pgpeai87JA7zo.pgp
Description: PGP signature