[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: privoxy/firefox

To: or-talk@xxxxxxxxxxxxx
Subject: Re: privoxy/firefox
From: Arrakis Tor <arrakistor@xxxxxxxxx>
Date: Mon, 29 Aug 2005 01:36:55 -0500
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Mon, 29 Aug 2005 02:37:38 -0400
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=FCd7XXQzKKRcjwXplXu/33/dJ7jlHGKrTvLpfQzihD9M4Q8hpoILlrgSejhU2VYXA0fEeFi+AW6Da+/2xpnEPphN+EHHyHSAc7J1S7DyFTJeYjPEKUezhznwf+tG3BhA+PBr8dsVt9LasUG3u0d7NQIjdFuVECshrlEw1u/ybAE=
In-reply-to: <4312A7FC.5070501@walala.org>
References: <7d9163f3050828194670d531e4@mail.gmail.com> <43129FE5.4080608@walala.org> <20050829060409.GK4630@localhost.localdomain> <4312A7FC.5070501@walala.org>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

I would very much appreciate an investigation into it. 

On 8/29/05, ADB <firefox-gen@xxxxxxxxxx> wrote:
>  The latest  stable (1.0.6) operates without causing any screen messages
> when tor is set to 'notice' loglevel. Programs known not to do DNS in a safe
> manner do result in such notifications. When did you last review the source?
> I'll do a local ethernet sniff w/ Etherial if you would like further
> verification (it's late right now otherwise I would just do it immediately).
>  
>  Roger Dingledine wrote: 
>  On Sun, Aug 28, 2005 at 10:40:53PM -0700, ADB wrote:
>  
>  
>  FF does SOCKS 5 securely, so I don't see why you couldn't. The only 
> 
>  
>  
>  Other than not having cookies blocked, Is there anything to lose by
> not having privoxy installed, and using firefox as its own sock5
> proxy? Does this compromise security by dns headers?
>  
>  
> 
> Last I read the code, the way Firefox does socks5 is *not* secure from
> Tor's perspective. It does the DNS resolve itself, then passes the IP
> address to Tor via socks5.
> 
> Firefox 1.1 (not yet released, as far as I know) has an option to "do
> dns remotely", which makes it safe. Adam Langley has a howto on this:
> http://www.imperialviolet.org/deerpark.html
> 
> --Roger
> 
> 
> 
> .
> 
>  
>  
>

Follow-Ups:
- Re: privoxy/firefox
  - From: ADB
- RE: privoxy/firefox
  - From: Bob

References:
- privoxy/firefox
  - From: Arrakis Tor
- Re: privoxy/firefox
  - From: ADB
- Re: privoxy/firefox
  - From: Roger Dingledine
- Re: privoxy/firefox
  - From: ADB

Prev by Author: Re: reconsidering default exit policy
Next by Author: Re: privoxy/firefox
Previous by thread: Re: privoxy/firefox
Next by thread: RE: privoxy/firefox
Index(es):
- Author
- Thread