[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] browser fingerprinting



another torbleed:
http://stackoverflow.com/questions/391979/get-client-ip-using-just-javascript
http://en.wikipedia.org/wiki/JavaScript#Security


2014-04-14 19:44 GMT+02:00 Randolph <rdohm321@xxxxxxxxx>:

>
> http://stackoverflow.com/questions/371875/local-file-access-with-javascript
>
> then firefox with javascript enabled is a torbleed.
>
>
> 2014-04-14 15:46 GMT+02:00 Gerardus Hendricks <konfkukor@xxxxxxxxxx>:
>
> On 4/13/14 9:20 PM, Randolph wrote:
>>
>>> Anonymity is quite easily broken, if cookies cannot managed (e.g. like
>>> in certain browsers) and if javascript is enabled. As far as we see,
>>> Firefox in the Tor bundle disables javascript, right?
>>> Javascript allows to access the local IP address and files, which host
>>> the
>>> local IP address. That`s why Tor and Javascript do not go together.
>>>
>>
>> The Tor Browser Bundle does not disable Javascript by default. You can
>> easily disable it by clicking the NoScript button at the left side of the
>> address bar, and clicking 'Disallow all' (or something like that)
>>
>> Javascript doesn't reveal your "local IP address and files".
>> --
>> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
>> To unsubscribe or change other settings go to
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>>
>
>
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk