[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: A warning to proxy writers

To: or-talk@xxxxxxxxxxxxx
Subject: Re: A warning to proxy writers
From: Adam Shostack <adam@xxxxxxxxxxxx>
Date: Thu, 21 Apr 2005 13:26:38 -0400
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Thu, 21 Apr 2005 13:27:22 -0400
In-reply-to: <20050421055415.S2564@moria.mit.edu>
References: <396556a20504190225ac9fdb4@mail.gmail.com> <20050421055415.S2564@moria.mit.edu>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Mutt/1.4.2i

On Thu, Apr 21, 2005 at 05:54:15AM -0400, Roger Dingledine wrote:
| On Tue, Apr 19, 2005 at 10:25:36AM +0100, Adam Langley wrote:
| > If the user doesn't have every protocol proxyied then an image link to
| > https:// or ftp:// etc could cause a non-Tor connection.
| 
| Hi Adam,
| 
| This is a nice list. Can you confirm that common browsers will
| automatically load a ftp:// image link? If so, we should really
| consider how to deal with that. :}

Get the firefox guys to start adding integration features.

Justification:  Browsers are big, complex bits of software, which will
do surprising things.  Some of those things, like "load an image via
ftp," are configurable, or handle-able by a proxy.  In other cases,
(flash, or javascript, which is now part of PDF) the proxy potentially
has to deal with the covert channel problem.  Things get easier if the
browser participates in protecting people's privacy.

Adam

References:
- A warning to proxy writers
  - From: Adam Langley
- Re: A warning to proxy writers
  - From: Roger Dingledine

Prev by Author: Re: even simpler solution [was: Re: script to magically restart tor [was: Re: disappearing nodes]]
Next by Author: Re: Tor as a component of a cohesive anonymizing OS
Previous by thread: Re: A warning to proxy writers
Next by thread: (FWD) New Hidden Service
Index(es):
- Author
- Thread