[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] r9766: mention quicktime explicitly, and mention the exit node issu (website/trunk/en)
- To: or-cvs@xxxxxxxxxxxxx
- Subject: [or-cvs] r9766: mention quicktime explicitly, and mention the exit node issu (website/trunk/en)
- From: arma@xxxxxxxx
- Date: Thu, 8 Mar 2007 07:01:24 -0500 (EST)
- Delivered-to: archiver@seul.org
- Delivered-to: or-cvs-outgoing@seul.org
- Delivered-to: or-cvs@seul.org
- Delivery-date: Thu, 08 Mar 2007 07:01:37 -0500
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-cvs@xxxxxxxxxxxxx
Author: arma
Date: 2007-03-08 07:01:21 -0500 (Thu, 08 Mar 2007)
New Revision: 9766
Modified:
website/trunk/en/download.wml
Log:
mention quicktime explicitly, and mention the exit node issue
explicitly too.
Modified: website/trunk/en/download.wml
===================================================================
--- website/trunk/en/download.wml 2007-03-08 10:22:19 UTC (rev 9765)
+++ website/trunk/en/download.wml 2007-03-08 12:01:21 UTC (rev 9766)
@@ -118,7 +118,7 @@
</p>
<p>First, Tor only protects applications that are configured to
-send their traffic through Tor -- it doesn't magically anonymize
+send their traffic through Tor — it doesn't magically anonymize
all your traffic just because you install it. We recommend you
use <a href="http://www.mozilla.org/firefox";>Firefox</a> with the <a
href="https://addons.mozilla.org/firefox/2275/";>Torbutton</a> extension.
@@ -127,11 +127,11 @@
</p>
<p>Second, browser plugins such as Java, Flash, ActiveX, RealPlayer,
-Adobe's PDF plugin, and others can be manipulated
+Quicktime, Adobe's PDF plugin, and others can be manipulated
into revealing your IP address. We recommend the <a
href="https://addons.mozilla.org/firefox/1237/";>QuickJava</a> and <a
href="https://addons.mozilla.org/firefox/433/";>FlashBlock</a> extensions,
-and you should probably disable <a href="about:plugins">plugins</a>
+and you should probably uninstall other <a href="about:plugins">plugins</a>
in general.
<!-- You may also find
<a href="https://addons.mozilla.org/firefox/722/";>NoScript</a> and <a
@@ -139,7 +139,7 @@
</p>
<p>Third, beware of cookies: if you ever browse without Tor and Privoxy
-and a site gives you a cookie, that cookie can identify you even when
+and a site gives you a cookie, that cookie could identify you even when
you start using Tor again. You should clear your cookies frequently. <a
href="https://addons.mozilla.org/firefox/82/";>CookieCuller</a> can help
protect any cookies you do not want to lose.
@@ -149,13 +149,17 @@
and it encrypts everything inside the Tor network, but <a
href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ExitEavesdroppers";>it
can't encrypt your traffic between the Tor network and its final
-destination.</a> If you
-are communicating sensitive information, you should use the same level
-of care that you would on the normal scary Internet -- use SSL or other
-end-to-end encryption and authentication approaches.
+destination.</a>
+If you are communicating sensitive information, you should use as much
+care as you would on the normal scary Internet — use SSL or other
+end-to-end encryption and authentication. Also, while Tor blocks attackers
+on your local network from discovering or influencing your destination,
+it opens new risks: malicious or misconfigured Tor exit nodes can send
+you the wrong page, or even send you embedded Java applets disguised as
+domains you trust.
</p>
-<p>Lastly, be smart and learn more. Understand what Tor offers and what
+<p>Last, be smart and learn more. Understand what Tor offers and what
it doesn't offer. This list of pitfalls isn't complete, and we need your
help <a href="<page volunteer>#Documentation">identifying and documenting
all the issues</a>.