[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Firefox,FireFTP,FTP etc. downloads anonymity.



On Sun, 7 Nov 2010 10:39:25 -0800 (PST)
Luis Maceira <luis_a_maceira@xxxxxxxxx> wrote:

> When we read the Tor FAQs related to anonymity of ftp tranfers there are several questions that come to mind:
> 1)Is the most recent Filezilla really secure/tested so we can trust the anonymity it provides through Tor?(something close to Firefox/Privoxy/Torbutton?)

Supporting SOCKS4A is a good sign -- that means it might not leak DNS
requests -- but I don't think the Tor developers have reviewed it to
check for other anonymity and security issues.

> 2)Using Firefox 3.6.12 and FireFTP 1.0.9(most recent versions) downloading from Adobe(Flash Player,Adobe Reader,for example) I receive a warning that an external application is being launched -accept or reject-,is this app FireFTP?Is this warning coming from Torbutton?Does FireFTP 1.0.9 still leak DNS requests?

Torbutton displays that warning when you start to download a file that
Firefox will not display itself.  Saving the file to disk with Firefox
itself (with no extensions) probably won't break your anonymity.  I
don't know whether using FireFTP to download the file will break your
anonymity.

However, if you run or open the downloaded file (whether after or
instead of saving the file to disk) on a computer that will ever again
be connected to the Internet, your anonymity can quite easily be
compromised (through unique identifiers hidden inside an executable
file, for example).

> 3)When it comes to ftp through Tor and reading the Tor FAQs it seems the better solution is 3proxy,however this software is not integrated on the major (any?)linux distributions and downloading directly it must be done from a russian website.The guys behind 3proxy can be really trustworthy but I do not feel specially comfortable using the software.

What is 3proxy?


Robert Ransom

Attachment: signature.asc
Description: PGP signature