[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Torfox 3.0.10.1

To: or-talk@xxxxxxxxxxxxx
Subject: Torfox 3.0.10.1
From: Tor Fox <torfox.org@xxxxxxxxx>
Date: Mon, 15 Jun 2009 03:29:04 -0500
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Mon, 15 Jun 2009 04:29:10 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message-id:subject :from:to:content-type; bh=XKGQr58Uxw7Tny953OhQBZ+V3mBSJLXgv7/1iE3V9OU=; b=TDTBtwiudPWbHFwNqI08tK6BE2fUEG9H+rYuD/40zWOCoqcOhA7v1hsUK7z+OKV+i7 EVHdg8bkp8VDmmvouEX9zwqYijslqYccg4vYIKe+PeCdwp6MRzcwN97+lJRuviQpMjPs tFcpQ+vGVAtnxnEvPy0apV9jCyHzcScpsJlYs=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=wBf156py1L030f4m47Qbk++uI7TyL3pMfqc/ZRCF5iPOih/wGn+CIbrIYExzw+qQNN yKaM3vAs2tcEDwXTjJoln4ITV4rkHNhCZPeAi2Bx6YRuyy+lYu7FKLbuoOfokw9KsUtX 6inkrN13thYWxJLEkqXcoyIaxQKtrDMLcM/uk=
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

Well it's kind of odd to list the features I've added by what I've taken out but here goes...

First of all, Torfox is produced independently from the Tor anonymity software or Firefox web browser and carries no guarantee from The Tor Project or Mozilla Foundation about quality, suitability or anything else.

Torfox is Tor + forked Firefox with changes in the source code to make it suitable for anonymous browsing:

-no data written outside the program folder (works with USB flash drives)

-no extensions

-no java

-no _javascript_

-no plugins

-no history

-no updates

-no saved cookies

-no disk cache

-no referrer (works with anti-hotlink scripts)

-no extra request headers

-all connections through Tor socks port 9060

-all DNS lookups through tor-resolve

-no exceptions

-no proxy settings (think tsocks/freecap)

It does everything automatically, starts/stops tor, deletes profiles, etc. Also, the startup page is in a frame which will mask the current URL until you enter one manually.

Main site: http://www.torfox.org/

Installer: http://torfox.googlecode.com/svn/trunk/site/Torfox-3.0.10.1.msi

ZIP (for USB flash usage): http://torfox.googlecode.com/svn/trunk/site/Torfox-3.0.10.1.zip

Hashes: http://torfox.googlecode.com/svn/trunk/site/Torfox-3.0.10.1.sha1

The SVN is at http://torfox.googlecode.com/svn/trunk/source/3.0.10/ and has everything needed to build the binaries EXCEPT for the MSI installer, so ignore that and use the ZIP if that's an issue because I haven't gotten around to automating that just yet.

This also blocks common attacks like the CSS history recently discussed[1] and others[2].

If anyone can get Torfox to leak information (other than downloading a file and opening it) let me know.

[1] http://ha.ckers.org/weird/CSS-history.cgi

[2] http://decloak.net/

Prev by Author: Re: eliminating bogus port 43 exits
Next by Author: Re: jurisdictional concentration of authorities
Previous by thread: Hackers exploiting tor clients on .onion sites?
Next by thread: Iran + tor
Index(es):
- Author
- Thread