[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Using Privoxy to increase the security level (was: reporter from The Economist in Thailand seeks help / new Tor guide is up)

"Chris Willis" <chris@xxxxxxxxxxxxx> wrote:

> I have to add a bit to this one:
> NO browser (cept maybe a text browser in BSD or something) is really
> 100% safe on its own.  Firefox has lots of vulnerabilities, just like
> IE.
> That is why you use privoxy with Tor.  http://www.privoxy.org/

Actually it's not, at least it shouldn't be.

If you visit the Privoxy website you will notice that
Privoxy isn't advertised as a protection against browser

|Privoxy is a web proxy with advanced filtering capabilities
|for protecting privacy, modifying web page data, managing cookies,
|controlling access, and removing ads, banners, pop-ups and other
|obnoxious Internet junk. Privoxy has a very flexible configuration
|and can be customized to suit individual needs and tastes. 

While Privoxy has some mechanisms against a small set of IE exploits,
these exploits are known for several years and should be fixed in
any recent IE release anyway. I'm not aware of a single Firefox
vulnerability that didn't affect Firefox versions behind Privoxy,
and if there are any, these could probably be prevented by using
any other http proxy as well.

Usually browser vulnerabilities are the result of active scripting
bugs or content parsing problems. Privoxy's filtering capabilities
are far too limited to reliable protect the browser against these,
especially not in advance.

And even if Privoxy could do it: by the time someone implemented a
counter measure in Privoxy, the problem would probably be already
long fixed in the latest browser release.

If you want to increase your browser's security level,
use a reasonable default configuration and update regularly
to stay on top of known security problems. If you do that,
Privoxy is unlikely to increase your security level any further.


Attachment: signature.asc
Description: PGP signature