Privoxy and Java Re: Building tracking system to nab Tor

[Dave Jevans <djevans@xxxxxxxxxxx>]

Privoxy routes DNS through TOR.
Question: does Java in a browser run through the browser's IP stack? 
If so, its DNS packets would go through the SOCKS proxy and Privoxy, 
then TOR.  Right?


At 9:46 PM -0800 3/6/07, Michael_google gmail_Gersten wrote:
> Well, first, this is just the normal exit node exposure of tor.
>
> The exit node in your circuit gets to see the raw communication
> between you and your destination. If you are using an SSL channel
> (SSH, https, etc) then nothing is a problem. Otherwise, the exit node
> can do things like spy on usernames and passwords, etc.
>
> There are already sites that modify the HTML of web pages going
> through them -- I've had scripts munged on some sites, for example --
> and this is just another case of that.
>
> Now, I believe tor allows you do exclude nodes from ever being used as
> exit nodes.
>
> On 3/6/07, Fergie <fergdawg@xxxxxxxxxxx> wrote:
> > Hmmm.
> >
> >  http://blogs.zdnet.com/security/?p=114
> >
> > Comments?
> >
> >
> > --
> > "Fergie", a.k.a. Paul Ferguson
> >  Engineering Architecture for the Internet
> >  fergdawg(at)netzero.net
> >  ferg's tech blog: http://fergdawg.blogspot.com/