<font color='black' size='2' face='arial'>
<div> <br>
</div>
<div> <br>
</div>
<div style="clear: both;"></div>
<div> <br>
</div>
<div> <br>
</div>
<div style="font-family: arial,helvetica; font-size: 10pt; color: black;">-----Original Message-----<br>
From: Hanspeter Spalinger <tor@spahan.ch><br>
To: or-talk@freehaven.net<br>
Sent: Wed, Apr 21, 2010 6:37 pm<br>
Subject: Re: Firefox configurations for tor with Mac ppc<br>
<br>
<div id="AOLMsgPart_0_e3af1694-81d4-496b-944f-b3f763105c1d" style="margin: 0px; font-family: Tahoma,Verdana,Arial,Sans-Serif; font-size: 12px; color: rgb(0, 0, 0); background-color: rgb(255, 255, 255);">
<pre style="font-size: 9pt;"><tt>-----BEGIN PGP SIGNED MESSAGE-----<br>
Hash: SHA256<br>
<br>
Am 21.04.10 02:53, schrieb <a href="mailto:zzzjethro666@email2me.net">zzzjethro666@email2me.net</a>:<br>
<br>
> Here's a few more. Hope someone notices them and checks them out. Should I <br>
change my mac?<br>
> <br>
> browser.safebrowsing.enabled false mac is true<br>
> browser.safebrowsing.malware.enabled false mac is true<br>
safebrowsing is checking addresses against known "bad" sites. this list<br>
will be retrieved from google periodicaly. This is the "enumerate<br>
badware" aproach which is inheriently flawed. If you use active blockers<br>
like noscript and alike, you gain much more security (eg, the "whitelist<br>
known good stuff" aproach)<br>
(<a href="http://kb.mozillazine.org/Browser.safebrowsing.enabled" target="_blank">http://kb.mozillazine.org/Browser.safebrowsing.enabled</a>)<br>
> browser.search.suggest.enabled false mac is true<br>
you may want to turn this off since it may leak information to outside.<br>
(<a href="http://kb.mozillazine.org/Browser.search.suggest.enabled" target="_blank">http://kb.mozillazine.org/Browser.search.suggest.enabled</a>)<br>
<br>
> extensions.torbutton.locked_node true mac is false<br>
> extensions.torbutton.proxies_applied true mac is false<br>
> extensions.torbutton.restore_tor true mac is false<br>
> extensions.torbutton.settings_applied true mac is false<br>
> extensions.torbutton.tor_enabled true mac is false<br>
Those are state settings for torbutton. i dont think you should change them.<br>
Read <a href="http://www.torproject.org/torbutton/design/#id2977751" target="_blank">http://www.torproject.org/torbutton/design/#id2977751</a> for details<br>
> <br>
> network.cookie.cookieBehavior 1 mac is 2<br>
cookies disabled on mac. good for privacy. you may want to use a plugin<br>
like cookiesafe to manage cookies in a more controlable way (the "always<br>
off" doesnt work for some sites).<br>
(<a href="http://kb.mozillazine.org/Network.cookie.cookieBehavior" target="_blank">http://kb.mozillazine.org/Network.cookie.cookieBehavior</a>)<br>
> network.protocol-handler.warn-external.mailto true mac is false<br>
> network.protocol-handler.warn-external.news true mac is false<br>
> network.protocol-handler.warn-external.nntp true mac is false<br>
> network.protocol-handler.warn-external.snews true mac is false<br>
This decides if you get a warning before open urls that will be handled<br>
by external application. Eg, click a <a href="mailto://-link?">mailto://-link</a> and it opens your<br>
mail-application. Your mac will open mail and news without asking if you<br>
click a link.<br>
(<a href="http://kb.mozillazine.org/Network.protocol-handler.warn-external-default" target="_blank">http://kb.mozillazine.org/Network.protocol-handler.warn-external-default</a>)<br>
-----BEGIN PGP SIGNATURE-----<br>
Version: GnuPG/MacGPG2 v2.0.14 (Darwin)<br>
Comment: Using GnuPG with Mozilla - <a href="http://enigmail.mozdev.org/" target="_blank">http://enigmail.mozdev.org/</a><br>
<br>
iF4EAREIAAYFAkvO42oACgkQpjmLjrU66/4ovgEAqCdVGqWP3KetGwUmB43kJe3T<br>
mIqZS8b/BAmykh3k19IA/RYJdeqnt5G3k9BO9aAFKhuXiS3gO5FR2hbj0WSww5cq<br>
=juC6<br>
-----END PGP SIGNATURE-----<br>
***********************************************************************<br>
To unsubscribe, send an e-mail to <a href="mailto:majordomo@torproject.org">majordomo@torproject.org</a> with<br>
unsubscribe or-talk in the body. <a href="http://archives.seul.org/or/talk/" target="_blank">http://archives.seul.org/or/talk/</a><br>
</tt><font size="2"><font face="Arial, Helvetica, sans-serif"><br>
Hi and thanks for your response. I just want to be sure I understand what you are saying so please excuse my denseness.<br>
<br>
the extension.torbutton configs I sent above are all different on my Mac so I am assuming you mean I should change my mac to <br>
match the "state settings" as you called them. Is that correct?<br>
<br>
And what about "mailto", "news", "nntp" and "snews"? I should I make my mac true for them all?<br>
And of course for the first two, concerned with safebrowsing, should I change my mac?<br>
<br>
I had found Firefox configuration settings on the Hidden Wiki, that had recommended that </font></font><font><font><font size="2"><font face="Arial, Helvetica, sans-serif">network.protocol-handler.external-default be set at "false" <br>
and </font></font></font></font><font size="2"><font face="Arial, Helvetica, sans-serif">all subsettings for network.protocol-handler.external-default be set to "false".<br>
There are 16 of them; afp, data, disk, disks, hcp, help, javascript, mailto, moz-icon, ms-help, news, nntp, shell, snews, vbscript and vnd.ms.radio.<br>
<br>
Subsequently, network.protocol-handler.warn-external-default was to be set at "true", with all subsettings also set to "true".<br>
<br>
There are four: mailto, news, nntp and snews.<br>
<br>
Thanks for any clarity on this issue for me.<br>
</font></font></pre>
</div>
<!-- end of AOLMsgPart_0_e3af1694-81d4-496b-944f-b3f763105c1d -->
</div>
</font>