[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Applications Recommended For Use With Tor +++ PROPOSAL, DRAFT +++

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Applications Recommended For Use With Tor +++ PROPOSAL, DRAFT +++
From: "Alexander W. Janssen" <alexander.janssen@xxxxxxxxx>
Date: Wed, 21 May 2008 01:41:53 +0200
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Tue, 20 May 2008 19:42:17 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:subject:references:in-reply-to:x-enigmail-version:openpgp:content-type; bh=XUZfabQXdGB45Im/oqQULR3Yzh+ZUvuJynrvFF2bw78=; b=OjknPms8Tsg92Z1sC1ujejuVPkSe2VsFFSzJouMSzZZx1XMy7BKZ2oE4gFarcbZWB81AnjO5giKJSyi2cnLn+n1XxFfCIEuDcgDMvQ3PNlTuyvKDkJSI6Lx+s1xlWJjYFTI1lC7o7x89ZMqTM9IRDLVb9bxDijLrSyDIcKDi/2w=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references:in-reply-to:x-enigmail-version:openpgp:content-type; b=wlCWeD7/l0Hg163/g+eDgx691jAVN+ddUAtXSo7r1xeecVPIbjqDhBB+4BJUTmr+L3c4JQ8iB8dPP4NYP1QZyrkvNRbRKE8ZbQQ/abSLAX/ZcoYl0idO9mTz+6OIcsN2wU1wjx9Kt6RcBRcC8SYJWjwgCIobI9qDg/nYhFa2hMw=
In-reply-to: <21f144250805201620h59197705t925d63638108523@xxxxxxxxxxxxxx>
Openpgp: id=90DEE171
References: <48334B3E.4070009@xxxxxxxxx> <21f144250805201620h59197705t925d63638108523@xxxxxxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Thunderbird 2.0.0.14 (X11/20080421)

Kyle Williams schrieb:
> Hello Alex,

Aloha Kyle!

> I've already logged into the Wiki and updated the Test Procedures section.
> Seeing as I've found lots of IP disclosure vulnerabilities in the past
> (and future?), I for one would be more than happy to help with this.

Thanks. The whole section is quite a draft and seriously: it needs more
details than we have right now, even with your corrections.

> One application that should never show up on this list is Internet
> Explorer.  I've got two 0-days right now for IE, and they would totally
> compromise your anonymity and security.  Don't worry, they've been
> reported through 3Com's ZDI program and I'm waiting to see the fixes
> come out (who knows when).
> If you use Tor, DO NOT USE INTERNET EXPLORER!

Actually that's not the point about this wiki-page; it's more about what
specific things can go wrong, not about what kind of special exploits a
several application is suffering of.
Even all those Mozilla-browsers have their own problems so i want to
keep this specific section open.

The questions are:
* Where do those applications compromise anonymity?
* What plugins are known to be shit?

That's fairly generic - there's no need for another "my browers's better
than yours"-thing.

Thanks for your input anyway! :-)

> Let the bug hunting continue!!  w00t!

Oh yeah. I'll be testing me very own setup on thursday.

> - Kyle

Alex.

Attachment: signature.asc
Description: OpenPGP digital signature

References:
- Applications Recommended For Use With Tor +++ PROPOSAL, DRAFT +++
  - From: Alexander W. Janssen
- Re: Applications Recommended For Use With Tor +++ PROPOSAL, DRAFT +++
  - From: Kyle Williams

Prev by Author: Applications Recommended For Use With Tor +++ PROPOSAL, DRAFT +++
Next by Author: set up relay
Previous by thread: Re: Applications Recommended For Use With Tor +++ PROPOSAL, DRAFT +++
Next by thread: set up relay
Index(es):
- Author
- Thread