On Sun, 7 Nov 2010 10:39:25 -0800 (PST) Luis Maceira <luis_a_maceira@xxxxxxxxx> wrote: > When we read the Tor FAQs related to anonymity of ftp tranfers there are several questions that come to mind: > 1)Is the most recent Filezilla really secure/tested so we can trust the anonymity it provides through Tor?(something close to Firefox/Privoxy/Torbutton?) Supporting SOCKS4A is a good sign -- that means it might not leak DNS requests -- but I don't think the Tor developers have reviewed it to check for other anonymity and security issues. > 2)Using Firefox 3.6.12 and FireFTP 1.0.9(most recent versions) downloading from Adobe(Flash Player,Adobe Reader,for example) I receive a warning that an external application is being launched -accept or reject-,is this app FireFTP?Is this warning coming from Torbutton?Does FireFTP 1.0.9 still leak DNS requests? Torbutton displays that warning when you start to download a file that Firefox will not display itself. Saving the file to disk with Firefox itself (with no extensions) probably won't break your anonymity. I don't know whether using FireFTP to download the file will break your anonymity. However, if you run or open the downloaded file (whether after or instead of saving the file to disk) on a computer that will ever again be connected to the Internet, your anonymity can quite easily be compromised (through unique identifiers hidden inside an executable file, for example). > 3)When it comes to ftp through Tor and reading the Tor FAQs it seems the better solution is 3proxy,however this software is not integrated on the major (any?)linux distributions and downloading directly it must be done from a russian website.The guys behind 3proxy can be really trustworthy but I do not feel specially comfortable using the software. What is 3proxy? Robert Ransom
Attachment:
signature.asc
Description: PGP signature