[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #7721 [Flashproxy]: flashproxy browser add-on
#7721: flashproxy browser add-on
------------------------+---------------------------------------------------
Reporter: proper | Owner: dcf
Type: task | Status: new
Priority: minor | Milestone:
Component: Flashproxy | Version:
Keywords: | Parent:
Points: | Actualpoints:
------------------------+---------------------------------------------------
Comment(by proper):
> I guess I can see the appeal of this idea, but: if you abandon the idea
of "visit a web page to become a proxy," and go for "install this software
to become a proxy," why not just run a standalone proxy program? Why tie
it to the browser?
Maybe because it's easier to install and update? Easier to install and
forget? Fewer clicks? Easier to keep it up to date? Not sure about those.
Another point: longer uptimes - you can define the uptime in your codes.
Just another point: you need less cooperation from website owners.
Well, I mean, if you manage to get Google to install a badge you won't
need the add-on. Due to the attached legal and ethical questions attached,
I'd assume that in the beginning only a few smaller websites, enthusiasts
will install a badge on their website. People who wish to participate a
lot are not bound to stay on a website.
> I suppose a browser plugin only runs when the browser is open?
I think yes. Haven't heard of a way to run them system wide. Since the
browser is nowadays the most used applications, it would still run a long
time. - Longer then being dependent on a badge on a website.
> So wouldn't an always-on system daemon be better?
Maybe. I don't know what is more difficult to install and keep updated
from the end user point of view. Maybe it would be best to have all
methods? Badge, add-on, cli package (for servers), 1 click system
installer?
> In most cases (i.e., not-#6284) we are still limited to using WebSocket,
which has fingerprinting disadvantages.
Could you research (or did you) if you could work around this? If Chrome
gets a TCP API, won't Firefox get it sooner or later? Maybe it's already
planed?
> Browsers are complicated and full of security bugs.
For this point I don't see how an add-on is less secure than a badge on a
website running in the browser.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7721#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs