[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Another Method to Block Java Hijinks

On 4/5/07, James Muir <jamuir@xxxxxxxxxxxxxxx> wrote:
norvid wrote:
> On 4/5/07, James Muir <jamuir@xxxxxxxxxxxxxxx> wrote:
>> norvid wrote:
> <snip>
>> I've heard that properly configuring a firewall can be tricky.  In any
>> case, using a firewall still doesn't protect from Java applets reading
>> identifying information locally and sending it back through the
>> anonymous connection.
> Actually, I believe that with the browser denied access to the
> internet, the normal 2-way java applet communication is prevented.
> Please try the test I mentioned.

In the tests that I have done previously, the Java VM inherits the proxy
settings listed in the browser (at least this is what is supposed to
happen; sometimes this does not happen).  So if the browser is
configured to use Privoxy and these setting are communicated correctly
to the Java VM, what is there to stop a Java applet from sending back
data through Privoxy?

I don't know the answers to these questions other than to say that I am not configuring any of the proxy settings in the Java VM. They are the default.

I have tried to configure Java VM proxy settings with no apparent
success.  I have no idea why this does not work.

My test might best be performed on a Windows machine as the
availability of software firewalls is fairly extensive.  Alot of these
are easily configurable to block the browser and allow Privoxy access.
Although I don't have much experience with Linux, I'm guessing that
it might be a little more difficult to configure than Windows.

I am certain that on my machine using two different firewalls, the
very specific test I detailed will not determine my real IP even
though Java is enabled.  Of course it cannot determine my IP if Java
is disabled also.