[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] FBI cracked Tor security
> Should add that users with NoScript enabled would not have been
> vulnerable - I get the "noscript decreases privacy" argument, but I'd
> still kinda like it to be on by default to protect users. Maybe with a
> malicious ads, FBI malware, and miscellaneous trackers" button :)
>>> There are frequently vulnerabilities in hosting services - content
>>> management interfaces...many sites, darkweb or not, have much broader
>>> attack surfaces than their owners understand.
What do you think about these recommendations for onion sites:
2) Ensure there are no offsite images dynamically included, and no
dependencies on other domains (e.g. wordpress, google fonts).
3) good quality SSL certs from e.g. Lets Encrypt, with instructions how
users can verify.
It might look more "primitive" but the content is what users come for.
For months i have been suggesting to friends and clients, who are
regular (non-Tor) users, to install Ublock Origin.
Once enough people get used to rejecting 3rd party ads and snooping,
TorBrowser can safely make that the default behaviour. Firefox "reader
mode" already seems to do something like it, but not for privacy purposes.
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to