[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] browser fingerprinting
tor with ff js enabled still bleeding:
http://www.codeproject.com/Questions/589062/HowplustoplusgetplusClientplusIpplusAddressplusand
2014-04-14 19:48 GMT+02:00 Randolph <rdohm321@xxxxxxxxx>:
> another torbleed:
>
> http://stackoverflow.com/questions/391979/get-client-ip-using-just-javascript
> http://en.wikipedia.org/wiki/JavaScript#Security
>
>
> 2014-04-14 19:44 GMT+02:00 Randolph <rdohm321@xxxxxxxxx>:
>
>
>> http://stackoverflow.com/questions/371875/local-file-access-with-javascript
>>
>> then firefox with javascript enabled is a torbleed.
>>
>>
>> 2014-04-14 15:46 GMT+02:00 Gerardus Hendricks <konfkukor@xxxxxxxxxx>:
>>
>> On 4/13/14 9:20 PM, Randolph wrote:
>>>
>>>> Anonymity is quite easily broken, if cookies cannot managed (e.g. like
>>>> in certain browsers) and if javascript is enabled. As far as we see,
>>>> Firefox in the Tor bundle disables javascript, right?
>>>> Javascript allows to access the local IP address and files, which host
>>>> the
>>>> local IP address. That`s why Tor and Javascript do not go together.
>>>>
>>>
>>> The Tor Browser Bundle does not disable Javascript by default. You can
>>> easily disable it by clicking the NoScript button at the left side of the
>>> address bar, and clicking 'Disallow all' (or something like that)
>>>
>>> Javascript doesn't reveal your "local IP address and files".
>>> --
>>> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
>>> To unsubscribe or change other settings go to
>>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>>>
>>
>>
>
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk