[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Adblock Plus and Ghostery should be included in Tor bundle

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Adblock Plus and Ghostery should be included in Tor bundle
From: Joe Btfsplk <joebtfsplk@xxxxxxx>
Date: Sun, 12 Feb 2012 19:03:36 -0600
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 12 Feb 2012 20:04:20 -0500
In-reply-to: <4F382868.5080607@xxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <1329061997.90826.YahooMailNeo@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> <4F382868.5080607@xxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (Windows NT 6.0; WOW64; rv:9.0) Gecko/20111222 Thunderbird/9.0.1

On 2/12/2012 3:00 PM, Patrick Mézard wrote:

For me, a more basic question is whether installing extensions from afresh Tor installed is (sufficiently) safe. I do not know the detailsof the process but it probably involves some HTTPS connections toaddons.mozilla.org. If the exit node can perform MITM attacks on SSLyou may end up installing something unwanted. Could the initial setupbe made safer, for instance by storing digests of addons.mozilla.orgcertificate in Tor bundles at build time and *warn* if they do notmatch (like a specialized Certificate Patrol would do)? Is it alreadyaddressed in Firefox? --

Can't checking for addons' "check for updates" be unchecked in Aurora /Firefox Options? As well as for the browser & search plugins? Doesthat not solve the problem of some addon connecting to MAO during a Torsession?

_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Adblock Plus and Ghostery should be included in Tor bundle
  - From: Brian Franklin
- Re: [tor-talk] Adblock Plus and Ghostery should be included in Tor bundle
  - From: Patrick Mézard

Prev by Author: Re: [tor-talk] Adblock Plus and Ghostery should be included in Tor bundle
Next by Author: Re: [tor-talk] Adblock Plus and Ghostery should be included in Tor bundle
Previous by thread: Re: [tor-talk] Adblock Plus and Ghostery should be included in Tor bundle
Next by thread: Re: [tor-talk] Adblock Plus and Ghostery should be included in Tor bundle
Index(es):
- Author
- Thread