[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] wget - secure?

On Wed, Apr 18, 2012 at 4:56 AM, Maxim Kammerer <mk@xxxxxx> wrote:
> On Wed, Apr 18, 2012 at 11:37, Robert Ransom <rransom.8774@xxxxxxxxx> wrote:
>> Which version of wget did you audit?  What information leaks did you
>> check for during your audit?
> I should have known I would get useless replies with zero informative
> content to that summary. Wget does not resolve hostnames when it uses
> a proxy. Many programs do (e.g., Midori does, and Pidgin did at one
> point, if I am not mistaken), but wget doesn't. Wget is therefore safe
> to use via Tor. Do you have any specific information saying otherwise,
> besides the obvious “no one should ever claim that anything is 100%
> anything, ever”? Note that I originally replied to a post by Runa
> Sandvik which was entirely wrong and needed correction, and that you
> are quoting a summary. What is your contribution to this thread
> exactly?

I'm sorry, but I think you have it backwards in terms of uselessness
of replies on this thread.  Ransom asked you a series of cordial,
pointed questions wondering under what configuration you determined
wget does not leak.  The underlying point is that it would be neat if
you've done a comprehensive analysis of a specific version of Tor,
etc., etc.

That would be useful to know. best, Joe

Joseph Lorenzo Hall
Postdoctoral Research Fellow
Media, Culture and Communication
New York University
tor-talk mailing list