[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Update (#1) for FF hacks (Was: Re: Easy Firefox hacks to improve anonymity)
- To: or-talk@xxxxxxxxxxxxx
- Subject: Update (#1) for FF hacks (Was: Re: Easy Firefox hacks to improve anonymity)
- From: Anothony Georgeo <anogeorgeo@xxxxxxxxx>
- Date: Wed, 24 May 2006 11:41:52 -0700 (PDT)
- Delivered-to: archiver@seul.org
- Delivered-to: or-talk-outgoing@seul.org
- Delivered-to: or-talk@seul.org
- Delivery-date: Wed, 24 May 2006 14:41:56 -0400
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:Received:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=ebmxs+QwYxW6tQi9i4bfosRHdOH2Pj4En2aN+GDeXsGul72q5g/KpX2Y2tmzVUamBXpNmlNAiXDeXozvNOs3Urx7/2DT24le/a0Mu0fetFsTvxTpglPAZTpv4/ufJrSQaS4hE+hWWrQpBVgmgQhbw0696GY0qbvhXCaaugjWXBk= ;
- In-reply-to: <20060524010917.6399.qmail@web37814.mail.mud.yahoo.com>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
Update #1;
These updates are hacks to the "about:config" menu to
improve anonymity and the anonymity set by increasing
the scope of the Tor HTTP/S Header template.
A double asteric "**" denotes an important update
hack.
Great page on RFC specs for "Header Field Definitions"
at cotse <http://www.cotse.com/CIE/RFC/2068/155.htm>
-------
To all: Please read and tell me your opinions.
-------
The anonymity set that I am attempting to use is as
follows:
-Updates are letters 'G', 'H' and 'I' below-
A. User-Agent:
Mozilla, Windows XP, 128-bit encryption, English
(non-localized), Firefox.
B. Referer(Referrer):
Is set to the root (home page) of the site you are
currently visiting
(eg."http://www.example-root.com";;).
I think it is wise to use {forge} for the template
Referer setting. If we use a real domain with the
{custom} paramiter it may get Tor in trouble with the
real domain's owners. I am pretty sure we can not use
{block} as it breakes many sites.
Note:
HTTPS referrer from one HTTPS URL directly to another
HTTPS URL is set to {block} incase RegControl can not
properly handle these headers. This is because I have
not tested (and I don't know) HTTPS to HTTPS referrer
headers.
C. Keep-Alive:
Close
D. Compression:
Prevented
E. X-Forwarded-for:
Not removed or spoofed as FF does not have this
capibility. Besides, the entry node removes your real
"X-Forwarded-for:" header and it already has your real
IP.
F. Ping:
FF will supress the Ping function in HTTP/S.
** G. Accept-Languages:
Configured to match the language in "User-Agent";
English non-localized (<en>).
H. Accept-Default:
Used a configuration that should allow all relevent
file types and is used by a wide range of people
already.
I. Accept-Charsets:
Again, use of a general default setting <iso-8859-1>
and I also used the all parm {*}.
-----------
**Directions**
-Updated settings are #7, #8 and #9 below-
1.
Start Firefox
2.
Type this into the URL bar and hit [enter]:
about:config
3. -HTTPS Referrer-
<http://kb.mozillazine.org/Network.http.sendSecureXSiteReferrer>
3a. Copy/paste the following line into the "Filter:"
bar:
"network.http.sendSecureXSiteReferrer"
3b. Right click on the title and choose "toggle"
ensure the 'Value' entry reads "False".
{false} = Don't send the Referer header when
navigating from a https site to another https site.
4. -Keep-Alive(proxy connection)-
<http://kb.mozillazine.org/Network.http.proxy.keep-alive>
4a. Copy/paste the following line into the "Filter:"
bar:
"Network.http.proxy.keep-alive"
4b. Right click on the title and choose "toggle"
ensure the 'Value' entry reads "False".
{false} = Never use keep-alive connections.
5. -Keep-Alive-
<http://kb.mozillazine.org/Network.http.keep-alive>
5a. Copy/paste the following line into the "Filter:"
bar:
"Network.http.keep-alive"
5b. Right click on the title and choose "toggle"
ensure the 'Value' entry reads "False".
{false} = Never use keep-alive connections.
6. -Accept-Encoding-
<http://kb.mozillazine.org/Network.http.accept-encoding>
Prevent compression of HTTP/S data.
6a. Copy/paste the following line into the "Filter:"
bar:
"network.http.accept-encoding"
6b. Right click on the title and choose "modify".
6c. Delete the text from the box and copy/paste the
following line into the box:
"gzip;q=0,deflate;q=0,compress;q=0"
6d. Now click "OK"
{gzip;q=0,deflate;q=0,compress;q=0} = No compression
** 7. -Accept-Languages-
This should be set to the same language that is used
by the User-Agent; ie. English, non-localized <en>.
7a. Copy/paste the following line into the "Filter:"
bar:
"intl.accept_languages"
7b. Right click on the title and choose "modify".
7c. Delete the text from the box and copy/paste the
following line into the box:
"en"
7d. Now click "OK"
{en} = English, non-localized
8. -Accept-Default-
<http://kb.mozillazine.org/Network.http.accept.default>
8a. Copy/paste the following line into the "Filter:"
bar:
"network.http.accept.default"
8b. Right click on the title and choose "modify".
8c. Delete the text from the box and copy/paste the
following line into the box:
Note: line should not be wrapped.
{text/xml,application/xml,application/xhtml+xml,
text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5}
9. -Accept-Charsets-
9a. Copy/paste the following line into the "Filter:"
bar:
"intl.accept_charsets"
9b. Right click on the title and choose "modify".
9c. Delete the text from the box and copy/paste the
following line into the box:
{ISO-8859-1,*}
10. -Send Ping-
<http://kb.mozillazine.org/Browser.send_pings>
10a. This option is not required, you do not need to
use it.
10b. Right click anywhere in the 'about:config' window
and select "New > Boolean".
10c. Copy/paste the following line into the
'Perference
Name" box:
"Browser.send pings"
10d. In the next window select "false"
{false} = Ignore the ping attribute.
11. -User_Agent-
<http://en.wikipedia.org/wiki/User_agent>
"User Agent Switcher" is a great FireFox extension.
11a. Install "User Agent Switcher"
<https://addons.mozilla.org/firefox/59/>
11b. Restart Firefox
11c. Click on "Tools > User Agent Switcher > Options >
Options...".
11d. In the next window click the text "User Agents"
11e. Then click the "Add" button and enter the
following text in the appropriate boxes:
Note: Lines should not be wrapped.
--
Description: Mozilla, Windows XP, 128-bit encryption,
English
User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1;
en; rv:1.7.10) Gecko/20050716 Firefox/1.0.5
App Name: Firefox
App version: 5.0 (Windows; U; Windows NT 5.1; en;
rv:1.7.10) Gecko/20050716 Firefox/1.0.5
Platform: Win32
Vendor:
Vendor Sub:
--
11f. Now close and reopen Firefox again and select
"Tools > Mozilla, Windows XP, 128-bit encryption,
English"
12. -HTTP/S Referrer-
The FF extension "RefControl" is a great tool.
12a. Install "RefControl"
<http://www.stardrifter.org/refcontrol/>
12b. Restart Firefox
12c. Click on "Tools > RefControl Options..."
12d. In the window that loads click the button "Edit"
12e. Then click the button "Forge" then the buttons
"OK" and "OK".
-----------
Please try this out and let me know how you fare and
where improvments may be made.
-----------
**TESTING**
After following the directions...
A. Go to the following site and record your results:
<http://www.stilllistener.com/checkpoint1/test2/>
B. Then goto this site and record your results:
<http://www.stilllistener.com/checkpoint1/ssi/>
C. Then compare the results from both tests. The
results should be the same as each other and the same
as Tor's official Privoxy configuration.
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com