[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Towards a Tor-safe Mozilla Thunderbird



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi,

I uploaded a document [1] to the Tor wiki. It is about application-level
privacy leaks in Thunderbird including proposed solutions. It would be
great to get some review/feedback - especially on the proposed solutions.

btw: I won't be able to reply in a timely manner in the next few days.

[1] http://bit.ly/qDZm7C
SHA1:6c84e6a2147ff53d01f96d876ba23a47a5329c92

Since the document was written, proposal 171 (stream separation) was
implemented/released in 0.2.3.3 [2] and new Thunderbird version were
released (but didn't address the problems yet).

To mitigate a certain problem (bugzilla: 684035) described in section
4.1.4.I recommend every Thunderbird user to set the following
preferences to true:
network.protocol-handler.warn-external.http
network.protocol-handler.warn-external.https

Related bugzilla tickets:
- - https://bugzilla.mozilla.org/show_bug.cgi?id=664633
- - https://bugzilla.mozilla.org/show_bug.cgi?id=669238
- - https://bugzilla.mozilla.org/show_bug.cgi?id=684035


[2] https://trac.torproject.org/projects/tor/ticket/1865
https://lists.torproject.org/pipermail/tor-talk/2011-September/021229.html
-----BEGIN PGP SIGNATURE-----

iF4EAREKAAYFAk5ybHYACgkQyM26BSNOM7aN6wD8DjqiHBldD1BXR1Y7qD+jpcGU
LCsjCo7/+QY/aYfVczMA/3UGO6cmYobkKYQ1ZYfhaIYr5h5wzp8I9RFu+dHHYpAN
=E8+o
-----END PGP SIGNATURE-----
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk