Thus spake Joe Btfsplk (joebtfsplk@xxxxxxx): > I think that those voicing a concern w/ these & TBB, were concerned > w/ the trackers most difficult to stop. Are you saying that * > tracking scripts * are ALSO isolated per URL domain in the cache > (see quote below)? So that cross domain tracking isn't possible in > TBB? If that's not correct, then there's still a big problem for > now. This is correct. Any violations of this property are major bugs for us. > >Tracking scripts are * correctly * isolated in the cache, however (which is > >more important, as many tracking scripts*do* embed unique identifiers > >to get cached and used when the user clears cookies). > > When you speak of sandboxing: > >Flash has tons of fingerprinting and proxybypass issues hidden in its binary blob. We > >really need a full sandboxing technology to make it safe to uniformly enable. > > If running an app in something like Sandboxie, (maybe you mean a > diff scenario), it is protecting the OS / machine from the APP. It > doesn't stop a browser (or, I assume, trackers; Flash) from > connecting to the internet. Maybe it would have value once the > browser is closed, Flash proxy bypass has already occurred. Unless > you're talking about something else. Yes, it would require a custom sandbox of our design. Current sandboxing tech (Seatbealt, AppArmor, Seccomp, SELinux) may actually need some additional hacking before they are sufficient for our needs for Flash. -- Mike Perry
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ tor-talk mailing list tor-talk@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk