[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Another Method to Block Java Hijinks
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: Another Method to Block Java Hijinks
- From: norvid <norvid@xxxxxxxxx>
- Date: Thu, 5 Apr 2007 13:02:33 -0400
- Delivered-to: archiver@seul.org
- Delivered-to: or-talk-outgoing@seul.org
- Delivered-to: or-talk@seul.org
- Delivery-date: Thu, 05 Apr 2007 13:02:44 -0400
- Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=g018h9oBqHRcBrNGIIvN9X0YogOhXDF3DQDp4cbOAXKo4hzi4eVvaT8dvAbimsmG9WXL1kCnNXnum+lwsZFCyatNyHTy5GklK158fU7bu4uMDnTBVy1PYAQVQ/GhmfQvVJl9GwuBXbChrrjwQlQ0sjxelM9xMrAEwPnm+kDScOY=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=EU0/rRDJcHmX0zaAyImBlm09ENCud/Wf31sGa0qp8VkeQ7qHADuhsh8wbNnx9T8cKX21IEdWoUlwo62feNvLhGtkhD/8VI1BWPWTFSo9qKWoI/zevjucLN4NmGE/b6B8Cn6DoFli4xYdrrdYyjTW4reZfObV09m2VD+JLDsbhk8=
- In-reply-to: <4615263A.5060401@scs.carleton.ca>
- References: <726285910704020513g653cd166qe4d5f5d9c5aebbff@mail.gmail.com> <4615263A.5060401@scs.carleton.ca>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
On 4/5/07, James Muir <jamuir@xxxxxxxxxxxxxxx> wrote:
norvid wrote:
<snip>
I've heard that properly configuring a firewall can be tricky. In any
case, using a firewall still doesn't protect from Java applets reading
identifying information locally and sending it back through the
anonymous connection.
Actually, I believe that with the browser denied access to the
internet, the normal 2-way java applet communication is prevented.
Please try the test I mentioned.
In my opinion, I think its best just to disable Java, and all the other
plugins mentioned in the warning on the download page.
I agree. I am throwing my idea out here just for info purposes so
that those who know more than I might take it into consideration for
whatever it's worth (perhaps not much).
You may be interested to know that there is a Live CD which bundles Tor
and some ipchains rules. It is mentioned in the Tor FAQ -- see "Virtual
Privacy Machine":
I am perfectly happy for my purposes with the way I have Tor
configured. I'd likely give that a try if and when I get a new
machine with a new OS.
<snip>
Dave