[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Another Method to Block Java Hijinks

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Another Method to Block Java Hijinks
From: norvid <norvid@xxxxxxxxx>
Date: Thu, 5 Apr 2007 20:18:47 -0400
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Thu, 05 Apr 2007 20:18:59 -0400
Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=JfeRmJFSHnnDOcwAgXw2Y2xCEhnbvaVYhYjuh0GIOca/get+/r8+ys/OhCDdx5X49pXlqze64aJMlljYAxgBjtjngv3c9xJtdqBXqAUwYjvAiMyK/RbQu3g4RNfO0mjdTZ5THkCmAXFXgvrlnhMwA/mzgyO8hNaQGt36nB04YYw=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=rAyVOSLj7q52ctI++oAahorrcrlY2ae2cceuF3cjv/B7D/xdnePG3b2q3i51tW9fWu8NeYTa5pfT9EdpY4zg9yOLkZgSS0/pyFsFfWsYE00JmCzU0VsyvCjliiguPxglwWtLlrYTYwyWbjL6z7xBDUGwyUq4A4pnvPLg30purD0=
In-reply-to: <461565DB.5000208@scs.carleton.ca>
References: <726285910704020513g653cd166qe4d5f5d9c5aebbff@mail.gmail.com> <4615263A.5060401@scs.carleton.ca> <726285910704051002w42f6f0c4pdf0002ed12dc909c@mail.gmail.com> <461565DB.5000208@scs.carleton.ca>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

On 4/5/07, James Muir <jamuir@xxxxxxxxxxxxxxx> wrote:

norvid wrote:
> On 4/5/07, James Muir <jamuir@xxxxxxxxxxxxxxx> wrote:
>> norvid wrote:
>
> <snip>
>
>> I've heard that properly configuring a firewall can be tricky.  In any
>> case, using a firewall still doesn't protect from Java applets reading
>> identifying information locally and sending it back through the
>> anonymous connection.
>
> Actually, I believe that with the browser denied access to the
> internet, the normal 2-way java applet communication is prevented.
> Please try the test I mentioned.

In the tests that I have done previously, the Java VM inherits the proxy
settings listed in the browser (at least this is what is supposed to
happen; sometimes this does not happen).  So if the browser is
configured to use Privoxy and these setting are communicated correctly
to the Java VM, what is there to stop a Java applet from sending back
data through Privoxy?


I don't know the answers to these questions other than to say that I
am not configuring any of the proxy settings in the Java VM.  They are
the default.

I have tried to configure Java VM proxy settings with no apparent
success.  I have no idea why this does not work.

My test might best be performed on a Windows machine as the
availability of software firewalls is fairly extensive.  Alot of these
are easily configurable to block the browser and allow Privoxy access.
Although I don't have much experience with Linux, I'm guessing that
it might be a little more difficult to configure than Windows.

I am certain that on my machine using two different firewalls, the
very specific test I detailed will not determine my real IP even
though Java is enabled.  Of course it cannot determine my IP if Java
is disabled also.


-James


Dave

Follow-Ups:
- Re: Another Method to Block Java Hijinks
  - From: scar

References:
- Another Method to Block Java Hijinks
  - From: norvid
- Re: Another Method to Block Java Hijinks
  - From: James Muir
- Re: Another Method to Block Java Hijinks
  - From: norvid
- Re: Another Method to Block Java Hijinks
  - From: James Muir

Prev by Author: Re: Another Method to Block Java Hijinks
Next by Author: Re: Another Method to Block Java Hijinks
Previous by thread: Re: Another Method to Block Java Hijinks
Next by thread: Re: Another Method to Block Java Hijinks
Index(es):
- Author
- Thread