[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Tor best practices



From TFA:
  1. Create a new Firefox account (use the profile manager or a new user account in your OS)
  2. Assume someone is maliciously reading and altering everything not sent through an https:// connection with a good certificate.
  3. In about:config, turn the security.warn_* alerts on, and the one-time option off.
  4. Use a different Firefox theme.
  5. Allow cookies for the originating site, and only until Firefox is closed. You might turn cookies off.
  6. Install the FlashBlock and NoScript extensions, and configure them to disallow everything.
  7. Set the about:config property network.proxy.socks_remote_dns to true.
Doesnt TORPARK satisfy most of these? But yes, I'd like to see the plugins too included.

Regards


On 10/22/06, Tim McCormack <basalganglia@xxxxxxxxxxxxxxx> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


So, I wrote up a blog entry on best practices for browsing with Tor (the
URL has changed):

http://www.brainonfire.net/2006/10/21/tor-best-practices-anonymous-browsing/

I don't feel knowledgeable enough to write the "Installation edition" or
the "Server edition".  Anybody want to do that? (I can provide web space
for anyone who doesn't have their own.)

- Tim McCormack

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFOo2MVQNUFzu/ThIRAhKFAKDZO9GlD7CBjJP59RvRXdBSNh1/OACgoTYx
msEQkjRwjOvjtalJTKI1Qfs=
=6jvI
-----END PGP SIGNATURE-----