[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] browser fingerprinting

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] browser fingerprinting
From: Randolph <rdohm321@xxxxxxxxx>
Date: Mon, 14 Apr 2014 19:48:44 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 14 Apr 2014 13:56:45 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=MzcJTpM+k4407ItbEcRLpGFRF/v8rUq69kEuvp6X4v8=; b=mDoug65HROMgL9kgApzqJ89QyLaZbJX3CsZYVQBvePnkqZ9NkR3w0jj1pIbCbhjbip O3D4naS3Uh73HTvVi1wB8EIErD//HZ56QjcHxwk3s91REwXn2Eyt7UsM5CRfHGqMWcz9 NZzABPgesQnRSMfo1GOtmCCr7JEprJDom7jqrbeo60PHXeUSylCEil3PONlxr1OfusGb WMh8aPtcU9TBSd27tWURJwRA6DJLzMj1P16E/imR+K27+KKbAj/7xd7YJgC4pmiVbjXW b5Od7provmCB9uWCXYmf0U0jWf29OmzcrDjiBfekFpUZG2aP7HGnUB7mkMchBOHL5fN+ rprg==
In-reply-to: <CAEvNM8ngB9T61bAOKfQCn=cnC4DGt_HpqjQFiBGurOwrN6YYzA@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <CAEvNM8m0g6EeKKUe0OweqJ0JDV62s9y6XhATD2QjsvgwUJVM5w@xxxxxxxxxxxxxx> <534BE6D2.509@xxxxxxxxxx> <CAEvNM8ngB9T61bAOKfQCn=cnC4DGt_HpqjQFiBGurOwrN6YYzA@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

another torbleed:
http://stackoverflow.com/questions/391979/get-client-ip-using-just-javascript
http://en.wikipedia.org/wiki/JavaScript#Security


2014-04-14 19:44 GMT+02:00 Randolph <rdohm321@xxxxxxxxx>:

>
> http://stackoverflow.com/questions/371875/local-file-access-with-javascript
>
> then firefox with javascript enabled is a torbleed.
>
>
> 2014-04-14 15:46 GMT+02:00 Gerardus Hendricks <konfkukor@xxxxxxxxxx>:
>
> On 4/13/14 9:20 PM, Randolph wrote:
>>
>>> Anonymity is quite easily broken, if cookies cannot managed (e.g. like
>>> in certain browsers) and if javascript is enabled. As far as we see,
>>> Firefox in the Tor bundle disables javascript, right?
>>> Javascript allows to access the local IP address and files, which host
>>> the
>>> local IP address. That`s why Tor and Javascript do not go together.
>>>
>>
>> The Tor Browser Bundle does not disable Javascript by default. You can
>> easily disable it by clicking the NoScript button at the left side of the
>> address bar, and clicking 'Disallow all' (or something like that)
>>
>> Javascript doesn't reveal your "local IP address and files".
>> --
>> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
>> To unsubscribe or change other settings go to
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>>
>
>
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] browser fingerprinting
  - From: Randolph

References:
- [tor-talk] browser fingerprinting
  - From: Randolph
- Re: [tor-talk] browser fingerprinting
  - From: Gerardus Hendricks
- Re: [tor-talk] browser fingerprinting
  - From: Randolph

Prev by Author: Re: [tor-talk] browser fingerprinting
Next by Author: Re: [tor-talk] browser fingerprinting
Previous by thread: Re: [tor-talk] browser fingerprinting
Next by thread: Re: [tor-talk] browser fingerprinting
Index(es):
- Author
- Thread