[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Traced by my anti-virus?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Traced by my anti-virus?
From: dope457 <dope457@xxxxxxxxxx>
Date: Thu, 01 Aug 2013 17:59:02 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 01 Aug 2013 11:59:17 -0400
In-reply-to: <BAY172-W228580648C4476795F89EEC4500@xxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <BAY172-W228580648C4476795F89EEC4500@xxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130620 Thunderbird/17.0.7

Hello,

1) It depends on the version of TBB/OS/AV. For example entry from TWN:

An anonymous reporter reported [11] a potential leak when using the TorBrowser Bundle 2.3.25-10 on Windows. If Microsoft Security Essentials oranother cloud based anti-virus solution is configured, downloads will

automatically be sent to these external providers — bypassing Tor — once
complete.

The reporter suggested setting the
‘browser.download.manager.scanWhenDone’ property to ‘false’ to prevent
anti-virus solutions from starting without user interaction.

-- Turned out this affects only finished downloads.

  [11] https://bugs.torproject.org/9195

3) For forensics check out this paper:
https://research.torproject.org/techreports/tbb-forensic-analysis-2013-06-28.pdf

Hope this helps.

On 1.8.2013 13:08, Marcos Eugenio Kehl wrote:



Hello Rainmakers!

Questions for the experts:

1. Should I disable/shutdown my anti-virus before start Tor Browser? There is any risk of being traced by my anti-virus?
2. Must I erase all the metadata inside "event logs" in Windows  8, and use CCleaner after close Tor Browser?
3. We could talk a little bit more about computer forensics.
Thanks.


Marcos (Brazil)


--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Traced by my anti-virus?
  - From: Marcos Eugenio Kehl

References:
- [tor-talk] Traced by my anti-virus?
  - From: Marcos Eugenio Kehl

Prev by Author: Re: [tor-talk] We need help.
Next by Author: Re: [tor-talk] A safe social network
Previous by thread: [tor-talk] Traced by my anti-virus?
Next by thread: Re: [tor-talk] Traced by my anti-virus?
Index(es):
- Author
- Thread