[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

piNg: Mike Perry - Torbutton 1.1.5

To: or-talk@xxxxxxxx
Subject: piNg: Mike Perry - Torbutton 1.1.5
From: torqued@xxxxxxxxxxxxx
Date: Sat, 28 Jul 2007 21:44:08 -0400
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Sat, 28 Jul 2007 21:51:47 -0400
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Internet Messaging Program (IMP) 3.2.2

First off I want to thank you for the time and effort you and your colleague(s)
have put into this project.

But..

For the love of all that's Holy, please tell me a way of turning off the mind
numbingly annoying:

--> False win hooking. Please report bug+website! <--

Is there anything in 'about:config' I could modify/delete to turn OFF this
_feature_ (cough) of Torbutton 1.1.5?

Say I've got two or more browser tabs open in FF, the error messageg ALWAYS
appears when I click back and forth between the tabbed browser windows.
It matters NOT what URL I'm at.

For example, in one tab I can load:
http://torbutton.torproject.org/dev/

and in a second tab I can load:
http://archives.seul.org/or/talk/Jul-2007/msg00114.html

They both load fine, however, if I click back and forth between the two tabs the
afore mentioned error message ALWAYS (re)appears (requiring a click to the 'OK'
button to clear)

(X86)XP SP2
Firefox 2.0.0.5
-DOM Inspector 1.8.1.5
-Flashblock 1.5.4.1
-NoScript 1.1.6.08
-Torbutton 1.1.5
Tor v0.1.2.14
Privoxy 3.0.6 Win

I could revert back to Torbutton 1.0.4 but I really like the added
security/anonymity features of 1.1.5(alpha)


And while I'm on that whole security thing <g>

With all the many extremely talented coders/hackers/former cDc
members etc, who read this mailing list, would it be so terribly
difficult to put up a 'web page' that throws every single
exploit known to mankind at the visitors browser to test for leakage?

I mean there are dozens of "what your browser reveals about you"
sites around the planet based on Java/JavaScript and the
http://metasploit.com/research/misc/decloak/index.html seems to
go one step further in showing Flash plugin leaks. But what I'm
talking about is a single site which trys to exploit/decloak
Quicktime/Realplayer/Acrobat/MS Office yada,yada, plugins,
helper apps, file types, etc. Not by actually by opening/viewing
vids,pdfs,docs etc, but by merely having them as 'plugins' in
the visitor's browser.

Pipe dream?

Follow-Ups:
- Re: piNg: Mike Perry - Torbutton 1.1.5
  - From: phobos

Prev by Author: On the performance scalability of Tor
Next by Author: Re: On the performance scalability of Tor
Previous by thread: Re: using or-talk
Next by thread: Re: piNg: Mike Perry - Torbutton 1.1.5
Index(es):
- Author
- Thread