[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: HTTPS & Tor?

To: or-talk@xxxxxxxxxxxxx
Subject: Re: HTTPS & Tor?
From: Adam Langley <alangley@xxxxxxxxx>
Date: Fri, 29 Apr 2005 09:00:24 +0100
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Fri, 29 Apr 2005 04:00:45 -0400
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=NoIfpIURPWbx+o3+RHbzapcU374ahhl9qAXwXrhT3gIz6TPluC4vuFIGIysUGzM9Fdo12HEkGspLSlXqwV5UAXwIh7mE0IzdSAv683d2uuEyo2Na9//10ucIarHcYVUDhfs0JEqZbd2ug8tzd9IrqwKxF6CoNKw7ABC1QeC0BQs=
In-reply-to: <20050428215626.035927262@sitemail.everyone.net>
References: <20050428215626.035927262@sitemail.everyone.net>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

On 4/28/05, lkjklj lkjlkj <herehere@xxxxxxxxxxxxxxxxx> wrote:
> HTTPS defeates the filtering process of Privoxy so your environmental info is in the clear.
> 
> I was reading Adam Langley's thread on writing a proxy and he mentioned that Tor doens't (can't) handel HTTPS connections.

Nope. The word HTTPS doesn't appear in my email as far as I can see.

Tor deals with HTTPS connections just the same as it does HTTP ones.
However, *privoxy* cannot see inside them to strip headers and the
like.

> 1. If HTTPS defeates Privoxy's ability to filter enviro. info does HTTPS also defeate Privoxy's DNSLookup forwarding?

Nope.

> 2. Why did Mr. Langley mention that Tor doesn't handel HTTPS?

I didn't that I can see. Can you quote the part that you're referring to?

> 3. How can I ensure FTP requests via. imbeded web script (through pics, etc) don't break my anonymity with Tor?

For FTP requests just set your web browser's FTP proxy to something.
Either a valid SOCKS forwarding via Tor or an invalid host (to disable
FTP).

For embedded Real/Flash etc you may be able to set their proxies also
- I don't know.

> 4. Are there any issues with anti-virius, anti-torjen, firewalls, antispware/malware leaking real IP's while I'm using Tor?

Yes. All of these can leak your IP address and/or record the webpages you read.

AGL

-- 
Adam Langley                                      agl@xxxxxxxxxxxxxxxxxx
http://www.imperialviolet.org                       (+44) (0)7906 332512
PGP: 9113   256A   CC0F   71A6   4C84   5087   CDA5   52DF   2CB6   3D60

References:
- HTTPS & Tor?
  - From: lkjklj lkjlkj

Prev by Author: Re: Bug: Expiring a dns resolve that's still pending. Forgot to cull it?
Next by Author: Re: EntryNode / ExitNode Howto
Previous by thread: HTTPS & Tor?
Next by thread: Re: HTTPS & Tor?
Index(es):
- Author
- Thread