[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Will Tor affect Internet Explorer? (newbie question)

>>> "Could a printer or another software that I have check for updates or
>>> something like that and reveal information about me or my machine?"

Modern versions of Windows uses the Windows Update mechanism, behind the scenes, to update a systems' root certs. In the middle of browsing with Internet Explorer, Windows Update is used, and your certs are updated. Older versions of Windows did not do this. I've heard there are ways to disable this behavior, but not sure how. Pretty scary, especially considering how attackers could misuse this feature.

.NET Framework is a Microsoft-based middleware technology from about a decade ago, now well-baked into the Windows OS, and Internet Explorer. Amongst the code protection features of .NET Frameworks's code signing is background CRL lookups to determine if the software being run is valid. Last time I looked, you cannot disable this behavior, only ask for lazy initial checks for ASP.NET web apps (so as not to impact performance benchmarks of ASP.NET apps).

I expect there's half a dozen other new ways Windows "phones home" during normal usage. Reasons to not rely on any Windows-based privacy online, and instead use Linux or natively boot TAILS when wanting to use Tor.
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to