[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Building tracking system to nab Tor pedophiles
Thus spake Freemor (freemor@xxxxxxxx):
> I think what needs to be done here is to create a FAQ or other standard
> document that will 1.) inform the vastly misinformed public. 2.) list
> places and ways they can make a difference.
Excellent post, even if slight off-topic. As suggested on IRC, I think
the Tor documentation strategy needs to be rethought. Most people
barely read the download page, let alone the reems of FAQ questions.
We've had two "attacks" now on Tor that rely on unmasking users who
use Tor incorrectly. One of them actually published a paper and had
decent results at unmasking this way (mostly Asian users who probably
can't read our english mailinglist or english FAQ), and the media
still doesn't seem to understand that these attacks are well
The Tor download page should have a concice "Things to know before
downloading" section that lists a few key points about the most easy
ways your identity can be revealed through Tor. Something like
Things to know before you download Tor:
- Browser plugins can be made to reveal your IP.
- This includes Flash, Java, ActiveX and others.
- It is recommended that you use FireFox and install the extensions
NoScript, QuickJava, and FlashBlock to control this behavior if
you must have these plugins installed for non-Tor usage.
- Make sure your browser settings have a proxy listed for ALL
protocols (including Gopher and FTP).
- For further details, please consult the Tor FAQ.
Maybe this will stop the same attack from hitting the blogosphere
every 2 months. Even better, maybe it will stop that attack from
Mad Computer Scientist
fscked.org evil labs