[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Basic questions from new user but...
On Fri, May 11, 2012 at 2:36 AM, Joe Btfsplk <joebtfsplk@xxxxxxx> wrote:
> Isn't this approach very much a double edged sword? From the link:
>> However, we recommend that even users who know how to use NoScript leave
> It may be true that changing settings makes one's profile different, but
> from all I've ever read, java script is responsible for more malicious
> browser attacks than anything. That's not so good.
research. The anonymity set reduction above, while purely theoretical
and of no practical significance, is in that scope. It's a typical
case of project focus shifting priorities to user's disadvantage.
possible that turning it off offers more (theoretical) anonymity due
to the possibility of fingerprinting users' browser versions by
> Can someone explain to non-Tor network experts in layman's terms (25 words
> or < ) :D, what exactly some one / entity HAS to be able to do in order to
> profile that Joe has java script disabled, & then be able to tie it to MY
> (dynamic) IP address - at * that * moment (an address that could change
> anytime), or to me physically, sitting here at 123 Oak St., Bumfk, ND?
It is not possible — anonymity set reduction only shifts your
anonymity towards pseudonymity. I would guess that most browser users
do not need true anonymity, however, and are fine with pseudonymity.
> Then, what are the REAL world odds that out of all the exit nodes traffic,
> which are constantly changing users, that someone can monitor enough nodes
> AND be able to tie it directly to ONE specific person, w/ a real name &
> physical address? Are we talking that any 12 yr old w/ the right, free
> software can do this, or "theoretically"?
Liberté Linux (discussion / support: http://dee.su/liberte-contribute)
tor-talk mailing list