[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] r19858: {website} bring the warnings list a little bit more up to date. (website/trunk/en)
Author: arma
Date: 2009-06-28 20:05:50 -0400 (Sun, 28 Jun 2009)
New Revision: 19858
Modified:
website/trunk/en/download.wml
Log:
bring the warnings list a little bit more up to date.
Modified: website/trunk/en/download.wml
===================================================================
--- website/trunk/en/download.wml 2009-06-28 21:21:10 UTC (rev 19857)
+++ website/trunk/en/download.wml 2009-06-29 00:05:50 UTC (rev 19858)
@@ -206,32 +206,31 @@
</li>
<li>
-Browser plugins such as Java, Flash, ActiveX, RealPlayer,
-Quicktime, Adobe's PDF plugin, and others can be manipulated
-into revealing your IP address. You should probably
-<a href="http://plugindoc.mozdev.org/faqs/uninstall.html">uninstall your
-plugins</a>
-(go to "about:plugins" to see what is installed), or investigate <a
-href="https://addons.mozilla.org/firefox/1237/">QuickJava</a>, <a
-href="https://addons.mozilla.org/firefox/433/">FlashBlock</a>, and
-<a href="http://noscript.net/">NoScript</a>
-if you really need them. Consider removing extensions that look up
-more information about the websites you type in (like Google toolbar),
-as they may bypass Tor and/or broadcast sensitive information. Some
+Torbutton blocks browser plugins such as Java, Flash, ActiveX, RealPlayer,
+Quicktime, Adobe's PDF plugin, and others: they can be manipulated
+into revealing your IP address. For example, that means Youtube is
+disabled. If you really need your Youtube, you can <a href="<page
+torbutton/faq>#noflash">reconfigure Torbutton</a> to allow it; but
+be aware that you're opening yourself up to potential attack. Also,
+extensions like Google toolbar look up
+more information about the websites you type in:
+they may bypass Tor and/or broadcast sensitive information. Some
people prefer using two browsers (one for Tor, one for unsafe browsing).
</li>
<li>
-Beware of cookies: if you ever browse without Tor and Privoxy
+Beware of cookies: if you ever browse without Tor
and a site gives you a cookie, that cookie could identify you even when
-you start using Tor again. You should clear your cookies frequently. <a
+you start using Tor again. Torbutton tries to handle your cookies
+safely. <a
href="https://addons.mozilla.org/firefox/82/">CookieCuller</a> can help
protect any cookies you do not want to lose.
</li>
<li>
-Tor anonymizes the origin of your traffic,
-and it encrypts everything inside the Tor network, but <a
+Tor anonymizes the origin of your traffic, and it encrypts everything
+between you and the Tor network and everything inside the Tor network,
+but <a
href="https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#ExitEavesdroppers">it
can't encrypt your traffic between the Tor network and its final
destination.</a>
@@ -245,7 +244,8 @@
on your local network from discovering or influencing your destination,
it opens new risks: malicious or misconfigured Tor exit nodes can send
you the wrong page, or even send you embedded Java applets disguised as
-domains you trust.
+domains you trust. Be careful opening documents or applications you
+download through Tor, unless you've verified their integrity.
</li>
</ol>