On 07/11/11 02:32, Andrew Lewman wrote: > I'd like to see someone do research that proves or disproves this fear that > javascript and cookies everywhere is hazardous to the anonymity of a tor user. I don't think any research is required to know that "third party" cookies at least, are used to track users across sites. And that tracking Tor users across sites is very likely to reduce their anonymity. If you don't want to disable cookies altogether, I'd at least recommend disabling third party ones. If you think that will affect the user experience badly, it's worth noting that Apple disables third party cookies by default in Safari, so it can't be all that bad... I've not personally come across any sites where it has caused problems for me, but I will admit that such sites must exist. > In my world, I'd replace noscript with requestpolicy. If you never request the > 3rd party sites, then you cut out lots of risks/cruft, in theory. This is the > core idea behind requestpolicy. Unfortunately, this breaks lots of websites > and would freak out most tor users. However, this is another fine study to > undertake. I use both. RequestPolicy is definitely much more difficult to maintain, but makes your browsing experience so much safer. I don't think the average user is going to be happy with RequestPolicy in its current form. FYI, you'll find my name on https://www.requestpolicy.com/about -- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tor-talk mailing list tor-talk@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk