[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Google's Chrome Web Browser and Tor

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Google's Chrome Web Browser and Tor
From: Geoff Down <downie@xxxxxxxxxxxxxx>
Date: Fri, 5 Sep 2008 00:01:56 +0100
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Thu, 04 Sep 2008 19:02:07 -0400
In-reply-to: <21f144250809041546q37624a43l9a81bd1a2f4e31b5@xxxxxxxxxxxxxx>
References: <21f144250809041520v7d67cc3fu1baec2f490600f79@xxxxxxxxxxxxxx> <48C060CB.5030101@xxxxxxxxx> <21f144250809041546q37624a43l9a81bd1a2f4e31b5@xxxxxxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

Is there an echo in here?
Is there an echo in here?
On 4 Sep 2008, at 23:46, Kyle Williams wrote:

I've also noticed that while using the "incognito" feature, I was ableto see my history from a regular browser window.
Example:
If I were to visit "www.microsoft.com" in a regular window, opened anew "incognito" window, then type in "www" in the URL bar, it showsthat I've visited "www.microsoft.com" or any other site that wasvisited from a regular browser window.
So it looks like the History in a regular browser window is accessiblefrom the "incognito" window, but not the other way around.
On Thu, Sep 4, 2008 at 3:27 PM, Hideki Saito <hidekis@xxxxxxxxx> wrote:
Just curious to how private is their private browsing feature. Don't
feel much secure to me for plugins (perhaps cookies are isolatedthough)
 as it is not really meant for use with Tor...

 > Hi all,
 >
 > I've been playing around with Google's new web browser and Tor.  I
 > thought it might be good to share my findings with everyone.
> After reading Google's privacy policy[1], I for one would not wantto
 > use this on a regular basis, if at all.
 >
> The first bug I tried was an old one I found with Firefox; theNEWS://
 > URI type.
 > Any link that has a NEWS:// URI will launch Outlook Express and
 > attempt to contact the server in the URL...without using Tor.
 >
 > The second bug I found resulted in local file/folder disclosure.
 > This is very similar to the one I found in Internet Explorer.
 >
> The third bug I found was with MIME-TYPEs, specifically WindowsMedia
 > Player supported formats.
 > The BANNER tag can also leak your IP address when the playlist is
 > loaded *IF* WMP is not set to use a proxy.
> Also, a playlist in WMP can specify protocols that use UDP, hence,no
 > proxy support...no Tor.
 >
 > On the flip-side, it is very cool how each browser tab is it's own
 > process, making several types of attacks much more difficult.
> However, with an invasive privacy policy, local proxy bypassing,and> local files/folders able to be read from your hard drive, I'vedecided
 > not to use this browser.
 >
 > It just doesn't feel privacy/anonymity friendly to me.
 > Anyone else want to chime in on this?
 >
 >
 > - Kyle
 >
 > [1] http://www.google.com/chrome/intl/en/privacy.html
 > (Basically states you have no privacy when using Chrome)

Follow-Ups:
- Re: Google's Chrome Web Browser and Tor
  - From: sigi

References:
- Google's Chrome Web Browser and Tor
  - From: Kyle Williams
- Re: Google's Chrome Web Browser and Tor
  - From: Hideki Saito
- Re: Google's Chrome Web Browser and Tor
  - From: Kyle Williams

Prev by Author: Re: Archive & email addresses
Next by Author: Force exitnode oddness
Previous by thread: Re: Google's Chrome Web Browser and Tor
Next by thread: Re: Google's Chrome Web Browser and Tor
Index(es):
- Author
- Thread