[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: BetterPrivacy - necessary?

> I think Polipo was a better cache, and since an HTTP proxy can't filter
>  evil content out of HTTPS responses, Privoxy's filtering was not very
>  useful.

Note though that the definition of evil can be game changed
by running your instance inside a secure sandbox, behind a nat,
and minding your session data appropriately. With no access
to the rest of the system and no crosssite cookie/etc trails,
that's a good win. You're really only left with the case of a rogue
applet doing a 'whatismyip.com' to defeat your use of 1918 space
and then sending the result to whoever your adversary may be.
Depending on what the user is doing, that could be a big weakness
that warrants the tradeoff of disabling 'evil' features.

As usual, it would be awesome to have a tool that could de and re
encapsulate https so that proxies and caches could do their thing with it.
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/