[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Risk of selectively enabling JavaScript

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Risk of selectively enabling JavaScript
From: Andreas Krey <a.krey@xxxxxx>
Date: Tue, 7 Jan 2014 15:00:41 +0100
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 07 Jan 2014 09:11:34 -0500
In-reply-to: <DUB121-W2F643DA32A62999F09B41C8B60@xxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <52CBD253.5050906@xxxxxxxxx> <DUB121-W2F643DA32A62999F09B41C8B60@xxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mutt/1.4.2.1i

On Tue, 07 Jan 2014 12:58:49 +0000, Mark McCarron wrote:
...
> The fact that TBB disables javascript is a testimony to how bad the javascript coders of Firefox are.

Ex falso sequitur quodlibet.

> I think there is a solid argument for adding filters to the exit nodes that strip anything that could be used against a person and enforce default headers ,etc.

Why should it? The default user uses TBB, i.e. the filtering (of the
identical headers each TBB produces) can be done there as well.

The exit node doesn't even know that a) a given stream is a HTTP
connection, b) can't look at all into HTTPS, and c) has no way of knowing
that the user in question has clicked the don't-filter-me-button.

Andreas

-- 
"Totally trivial. Famous last words."
From: Linus Torvalds <torvalds@*.org>
Date: Fri, 22 Jan 2010 07:29:21 -0800
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- [tor-talk] Elementary question
  - From: kelemenopy
- Re: [tor-talk] Risk of selectively enabling JavaScript
  - From: Mark McCarron

References:
- Re: [tor-talk] Risk of selectively enabling JavaScript
  - From: Michael Wolf
- Re: [tor-talk] Risk of selectively enabling JavaScript
  - From: Mark McCarron

Prev by Author: [tor-talk] FYI: TBB Process sandboxing & current mozilla development
Next by Author: Re: [tor-talk] !!! Important please read. !!!
Previous by thread: Re: [tor-talk] Risk of selectively enabling JavaScript
Next by thread: Re: [tor-talk] Risk of selectively enabling JavaScript
Index(es):
- Author
- Thread