Author: moritz
Date: 2013-03-26 04:38:32 +0000 (Tue, 26 Mar 2013)
New Revision: 26134

Modified:
   website/trunk/docs/en/faq.wml
   website/trunk/torbutton/en/index.wml
   website/trunk/torbutton/en/sidenav.wmi
   website/trunk/torbutton/en/torbutton-faq.wml
   website/trunk/torbutton/en/torbutton-options.wml
Log:
removed torbutton pages, moved 2 questions to general FAQ (#6567)
Modified: website/trunk/docs/en/faq.wml =================================================================== --- website/trunk/docs/en/faq.wml 2013-03-25 22:48:25 UTC (rev 26133) +++ website/trunk/docs/en/faq.wml 2013-03-26 04:38:32 UTC (rev 26134) @@ -62,7 +62,7 @@ <li><a href="#TBBPolipo">I need an HTTP proxy. Where did Polipo go?</a></li> <li><a href="#TBBOtherExtensions">Can I install other Firefox - extensions?</a></li> + extensions? Which extensions should I avoid using?</a></li> <li><a href="#TBBJavaScriptEnabled">Why is NoScript configured to allow JavaScript by default in the Tor Browser Bundle? Isn't that unsafe?</a></li> @@ -942,11 +942,44 @@ and other Flash-based sites?</a></h3>
<p> -<a -href="https://www.torproject.org/torbutton/torbutton-faq.html. -en#noflash">Answer</a> +YouTube and similar sites require third party browser plugins such as Flash. +Plugins operate independently from Firefox and can perform +activity on your computer that ruins your anonymity. This includes +but is not limited to: <a href="http://decloak.net">completely disregarding +proxy settings</a>, querying your <a +href="http://forums.sun.com/thread.jspa?threadID=5162138&messageID=9618376%22%... +IP address</a>, and <a +href="http://epic.org/privacy/cookies/flash.html%22%3Estoring their own +cookies</a>. It is possible to use a LiveCD solution such as +or <a href="https://tails.boum.org/">The Amnesic Incognito Live System</a> that creates a +secure, transparent proxy to protect you from proxy bypass, however issues +with local IP address discovery and Flash cookies still remain. </p> + +<p> +<a href="https://www.youtube.com/html5">YouTube offers experimental HTML5 video +support</a> for many of their videos. You can use their Advanced Search to +find HTML5 videos. </p>
+<p> +If you are not concerned about being tracked by these sites (and sites that +try to unmask you by pretending to be them), and are unconcerned about your +local censors potentially noticing you visit them, you can enable plugins by +going into the Torbutton Preferences -> Security Settings +tab and unchecking "Disable browser plugins (such as Flash)" box. If you do this +without The Amnesic Incognito Live System or appropriate firewall +rules, we strongly suggest you at least use <a +href="https://addons.mozilla.org/en-US/firefox/addon/722%22%3ENoScript</a> to <a +href="http://noscript.net/features#contentblocking%22%3Eblock plugins</a>. You do +not need to use the NoScript per-domain permissions if you check the <b>Apply +these restrictions to trusted sites too</b> option under the NoScript Plugins +preference tab. In fact, with this setting you can even have NoScript allow +Javascript globally, but still block all plugins until you click on their +placeholders in a page. We also recommend <a +href="https://addons.mozilla.org/en-US/firefox/addon/6623%22%3EBetter Privacy</a> +in this case to help you clear your Flash cookies. +</p> + <hr>
<a id="TBBSocksPort"></a> @@ -1010,6 +1043,23 @@ its name). </p>
+<p> +Generally, extensions that require registration, and/or provide +additional information about websites you are visiting, should be +suspect. +</p> + +<p> +Extensions you might like include + <a href="https://addons.mozilla.org/firefox/addon/953">RefControl</a> (referer spoofing), + <a href="https://addons.mozilla.org/firefox/addon/1474">SafeCache</a>, + <a href="https://addons.mozilla.org/en-US/firefox/addon/6623">Better Privacy</a>, + <a href="https://addons.mozilla.org/firefox/addon/1865">AdBlock Plus</a> (EasyPrivacy+EasyList), + <a href="https://addons.mozilla.org/firefox/addon/82">Cookie Culler</a>, + <a href="https://addons.mozilla.org/en-US/firefox/addon/9727/">Request Policy</a> and + <a href="https://addons.mozilla.org/en-US/firefox/addon/certificate-patrol/">Certificate Patrol</a>. +</p> + <hr>
<a id="TBBJavaScriptEnabled"></a>
Modified: website/trunk/torbutton/en/index.wml =================================================================== --- website/trunk/torbutton/en/index.wml 2013-03-25 22:48:25 UTC (rev 26133) +++ website/trunk/torbutton/en/index.wml 2013-03-26 04:38:32 UTC (rev 26134) @@ -99,37 +99,10 @@ have enough developer resources to keep up with the accelerated Firefox release schedule, the toggle model of Torbutton is <a href="https://blog.torproject.org/blog/toggle-or-not-toggle-end-torbutton">no - longer recommended</a>. <b>Users should be using Tor Browser Bundle, + longer supported</a>. <b>Users should be using Tor Browser Bundle, not installing Torbutton themselves.</b> </p>
- <br/><br/> - <strong>Current stable version:</strong><version-torbutton><br/> - <strong>Current alpha version:</strong><version-torbutton-alpha><br/> - <br/> - <strong>Maintainer:</strong> Mike Perry<br/> - <br/> - <strong>Expert Install (Stable):</strong> Click to <a - href="https://www.torproject.org/dist/torbutton/torbutton-current.xpi" - hash="<version-hash-torbutton>" onclick="return - install(event);">install from this website</a>. Verify the <a href="https://www.torproject.org/dist/torbutton/torbutton-current.xpi.asc">signature</a>.<br/> -<!-- - <strong>Expert Install (Alpha):</strong> Click to - <a href="https://www.torproject.org/dist/torbutton/torbutton-current-alpha.xpi" - hash="<version-hash-torbutton-alpha>" - onclick="return install(event);">install from this website</a> - <br/> - --> -<!-- - <strong>English Google Search:</strong> - Google search plugins for - <a href="/jsreq.html" title="Ref: 14938 (googleCA)" - onClick="addOpenSearch('GoogleCanada','ico','General','14937','g');return false">Google CA</a>, and - <a href="/jsreq.html" title="Ref: 14938 (googleCA)" - onClick="addOpenSearch('googleuk_web','png','General','14445','g');return false">Google UK</a>. - <br/> - --> - <strong>Past Releases:</strong> <a href="https://archive.torproject.org/tor-package-archive/torbutton/">Tor Archive</a><br/> <strong>Developer Documentation:</strong> <a href="en/design/index.html.en">Torbutton Design Document</a> and <a href="en/design/MozillaBrownBag.pdf">Slides (Not actively updated)</a><br/>
<strong>Source:</strong> You can <a @@ -137,8 +110,8 @@ repository</a> or simply unzip the xpi. <br/> <strong>Bug Reports:</strong> <a href="https://trac.torproject.org/projects/tor/report/14">Torproject Bug Tracker</a><br/> - <strong>Documents:</strong> <b>[</b> <a href="<page torbutton/torbutton-faq>">FAQ</a> <b>|</b> - <a href="<page torbutton/torbutton-options>">Torbutton options</a> <b>|</b> + <strong>Documents:</strong> + <b>[</b> <a href="https://gitweb.torproject.org/torbutton.git/blob/HEAD:/src/CHANGELOG">changelog</a> <b>|</b> <a href="https://gitweb.torproject.org/torbutton.git/blob/HEAD:/src/LICENSE">license</a> <b>|</b> <a href="https://gitweb.torproject.org/torbutton.git/blob/HEAD:/src/CREDITS">credits</a> <b>]</b>
Modified: website/trunk/torbutton/en/sidenav.wmi =================================================================== --- website/trunk/torbutton/en/sidenav.wmi 2013-03-25 22:48:25 UTC (rev 26133) +++ website/trunk/torbutton/en/sidenav.wmi 2013-03-26 04:38:32 UTC (rev 26134) @@ -1,36 +1,110 @@ -#!/usr/bin/wml - ## translation metadata # Revision: $Revision$ # Translation-Priority: 2-medium
-# this structure defines the side nav bar for the /torbutton pages +# this structure defines the side nav bar for the /docs pages # and is the input for include/side.wmi
# fields: # -# name - the $WML_SRC_BASENAME of the file. It should uniquely identify the -# page because at build-time it is used to determine what view of the -# navigation menu to generate -# # url - the path to the wml page, as used the the <page> tag. This tag ensures # that links will point to the current language if supported, and alternately # the english version # # txt - the link text to be displayed. Different translations will # need to supply alternate txt - + <: my $sidenav; $sidenav = [ - {'url' => 'torbutton/index', - 'txt' => 'Torbutton', - 'subelements' => [ - {'url' => 'torbutton/torbutton-options', - 'txt' => 'Torbutton Options', - }, - {'url' => 'torbutton/torbutton-faq', - 'txt' => 'Torbutton FAQ', - }] - }] + {'url' => 'docs/documentation', + 'txt' => 'Documentation Overview', + }, + { + 'url' => 'docs/installguide', + 'txt' => 'Installation Guides', + 'subelements' => [ + {'url' => 'docs/tor-doc-windows', + 'txt' => 'Installing on Windows', + }, + {'url' => 'docs/tor-doc-unix', + 'txt' => 'Installing on Linux/BSD/Unix', + }, + {'url' => 'docs/debian', + 'txt' => 'Installing Tor on Debian/Ubuntu', + }, + {'url' => 'docs/debian-vidalia', + 'txt' => 'Installing Vidalia on Debian/Ubuntu', + }, + {'url' => 'docs/tor-doc-osx', + 'txt' => 'Installing Tor on Mac OS X', + }, + {'url' => 'docs/android', + 'txt' => 'Installing Tor on Android', + }, + {'url' => 'docs/N900', + 'txt' => 'Installing Tor on Maemo/N900', + }, + {'url' => 'docs/verifying-signatures', + 'txt' => 'Verify our GPG signatures', + }], + }, + {'url' => 'docs/manual', + 'txt' => 'Manuals', + 'subelements' => [ + { + 'url' => 'docs/short-user-manual', + 'txt' => 'Short User Manual', + }, + {'url' => 'docs/tor-relay-debian', + 'txt' => 'Configuring a Relay manually', + }, + {'url' => 'docs/tor-doc-relay', + 'txt' => 'Configuring a Relay graphically', + }, + {'url' => 'docs/tor-hidden-service', + 'txt' => 'Configuring a Hidden Service', + }, + {'url' => 'docs/bridges', + 'txt' => 
'Configuring a Bridge Relay', + }, + {'url' => 'docs/running-a-mirror', + 'txt' => 'Configuring a Mirror', + }, + {'url' => 'docs/tor-manual', + 'txt' => 'Tor -stable Manual', + }, + {'url' => 'docs/tor-manual-dev', + 'txt' => 'Tor -alpha Manual', + }, + {'url' => 'docs/proxychain', + 'txt' => 'Configuring Tor to use a Proxy Server', + }, + {'url' => '<doxygen>', + 'txt' => 'Doxygen output from Tor codebase', + }] + }, + { + 'url' => '<wiki>', + 'txt' => 'Tor Wiki', + }, + {'url' => 'docs/faq', + 'txt' => 'General FAQ', + }, + {'url' => 'torbutton/torbutton-faq', + 'txt' => 'Torbutton FAQ', + }, + {'url' => 'docs/faq-abuse', + 'txt' => 'Abuse FAQ', + }, + {'url' => 'docs/trademark-faq', + 'txt' => 'Trademark FAQ', + }, + {'url' => 'eff/tor-legal-faq', + 'txt' => 'Tor Legal FAQ', + }, + {'url' => 'eff/tor-dmca-response', + 'txt' => 'Tor DMCA Response', + }, + ]; :>
Modified: website/trunk/torbutton/en/torbutton-faq.wml =================================================================== --- website/trunk/torbutton/en/torbutton-faq.wml 2013-03-25 22:48:25 UTC (rev 26133) +++ website/trunk/torbutton/en/torbutton-faq.wml 2013-03-26 04:38:32 UTC (rev 26134) 
@@ -11,273 +11,28 @@ </div> <div id="maincol"> <!-- PUT CONTENT AFTER THIS TAG --> - - <h2>Torbutton FAQ</h2> + + <h2>Torbutton</h2> <hr> - - <h3>Questions</h3> - <br> - <ul> - <li><a href="<page torbutton/torbutton-faq>#noflash">I can't view videos on YouTube and other flash-based sites. Why?</a></li> - <li><a href="<page torbutton/torbutton-faq>#oldtorbutton">Torbutton sure seems to do a lot of things, some of which I find annoying. Can't I just use the old version?</a></li> - <li><a href="<page torbutton/torbutton-faq>#noautocomplete">When I use Tor, Firefox is no longer filling in logins/search boxes for me. Why?</a></li> - <li><a href="<page torbutton/torbutton-faq>#thunderbird">What about Thunderbird support? I see a page, but it is the wrong version?</a></li> - <li><a href="<page torbutton/torbutton-faq>#extensionconflicts">Which Firefox extensions should I avoid using?</a></li> - <li><a href="<page torbutton/torbutton-faq>#recommendedextensions">Which Firefox extensions do you recommend?</a></li> - <li><a href="<page torbutton/torbutton-faq>#securityissues">Are there any other issues I should be concerned about?</a></li> - </ul> - <br> - - <a id="noflash"></a> - <strong><a class="anchor" href="#noflash">I can't view videos on YouTube and - other Flash-based sites. Why?</a></strong> - + <p> - YouTube and similar sites require third party browser plugins such as Flash. - Plugins operate independently from Firefox and can perform - activity on your computer that ruins your anonymity. This includes - but is not limited to: <a href="http://decloak.net">completely disregarding - proxy settings</a>, querying your <a - href="http://forums.sun.com/thread.jspa?threadID=5162138&messageID=9618376%22%... - IP address</a>, and <a - href="http://epic.org/privacy/cookies/flash.html%22%3Estoring their own - cookies</a>. 
It is possible to use a LiveCD solution such as - or <a href="https://tails.boum.org/">The Amnesic Incognito Live System</a> that creates a - secure, transparent proxy to protect you from proxy bypass, however issues - with local IP address discovery and Flash cookies still remain. </p> - - <p> - If you are not concerned about being tracked by these sites (and sites that - try to unmask you by pretending to be them), and are unconcerned about your - local censors potentially noticing you visit them, you can enable plugins by - going into the Torbutton Preferences->Security Settings - tab and unchecking "Disable browser plugins (such as Flash)" box. If you do this - without The Amnesic Incognito Live System or appropriate firewall - rules, we strongly suggest you at least use <a - href="https://addons.mozilla.org/en-US/firefox/addon/722%22%3ENoScript</a> to <a - href="http://noscript.net/features#contentblocking%22%3Eblock plugins</a>. You do - not need to use the NoScript per-domain permissions if you check the <b>Apply - these restrictions to trusted sites too</b> option under the NoScript Plugins - preference tab. In fact, with this setting you can even have NoScript allow - Javascript globally, but still block all plugins until you click on their - placeholders in a page. We also recommend <a - href="https://addons.mozilla.org/en-US/firefox/addon/6623%22%3EBetter Privacy</a> - in this case to help you clear your Flash cookies. + Torbutton is the component in <a href="<page projects/torbrowser>">Tor + Browser Bundle</a> that takes care of application-level + security and privacy concerns in Firefox. To keep you safe, + Torbutton disables many types of active content. </p> - - <a id="oldtorbutton"></a> - <strong><a class="anchor" href="#oldtorbutton">Torbutton sure seems to do a lot of things, some of which I find - annoying. 
Can't I just use the old version?</a></strong> - + <p> - - <b>No.</b> Use of the old version, or any other vanilla proxy changer - (including FoxyProxy -- see below) without Torbutton is actively discouraged. - Seriously. Using a vanilla proxy switcher by itself is so insecure that you are - not only just wasting your time, you are also actually endangering yourself. - <b>Simply do not use Tor</b> and you will have the same (and in some cases, - better) security. For more information on the types of attacks you are exposed - to with a "homegrown" solution, please see <a - href="design/index.html.en#adversary">The Torbutton - Adversary Model</a>, in particular the <a - href="design/index.html.en#attacks">Adversary - Capabilities - Attacks</a> subsection. If there are any specific Torbutton - behaviors that you do not like, please file a bug on <a - href="https://trac.torproject.org/projects/tor/report/14%22%3Ethe - bug tracker.</a> Most of Torbutton's security features can also be disabled via - its preferences, if you think you have your own protection for those specific - cases. - + Now that the <a href="<page projects/torbrowser>">Tor Browser + Bundle</a> includes a patched version of Firefox, and because we don't + have enough developer resources to keep up with the accelerated + Firefox release schedule, the toggle model of Torbutton is <a + href="https://blog.torproject.org/blog/toggle-or-not-toggle-end-torbutton%22%3Eno + longer supported</a>. <b>Users should be using Tor Browser Bundle, + not installing Torbutton themselves.</b> </p> - - <a id="noautocomplete"></a> - <strong><a class="anchor" href="#noautocomplete">When I use Tor, Firefox is no longer filling in logins/search boxes - for me. Why?</a></strong> - - <p> - Currently, this is tied to the "<b>Block history writes during Tor</b>" - setting. If you have enabled that setting, all formfill functionality (both - saving and reading) is disabled. 
If this bothers you, you can uncheck that - option, but both history and forms will be saved. To prevent history - disclosure attacks via Non-Tor usage, it is recommended you disable Non-Tor - history reads if you allow history writing during Tor. - </p> - - <a id="thunderbird"></a> - <strong><a class="anchor" href="#thunderbird">What about Thunderbird support? I see a page, but it is the wrong - version?</a></strong> - - <p> - The Tor plugin for Thunderbird is called <a href="https://trac.torproject.org/projects/tor/wiki/torbirdy"> - TorBirdy</a>. - </p> - - <a id="extensionconflicts"></a> - <strong><a class="anchor" href="#extensionconflicts">Which Firefox extensions should I avoid using?</a></strong> - - <p> - This is a tough one. There are thousands of Firefox extensions: making a - complete list of ones that are bad for anonymity is near impossible. However, - here are a few examples that should get you started as to what sorts of - behavior are dangerous. - </p> - - <ol> - <li>StumbleUpon, et al - <p> - These extensions will send all sorts of information about the websites you - visit to the stumbleupon servers, and correlate this information with a - unique identifier. This is obviously terrible for your anonymity. - More generally, any sort of extension that requires registration, or even - extensions that provide information about websites you visit should be - suspect. - </p></li> - <li>FoxyProxy - <p> - While FoxyProxy is a nice idea in theory, in practice it is impossible to - configure securely for Tor usage without Torbutton. Like all vanilla third - party proxy plugins, the main risks are <a - href="http://www.decloak.net/%22%3Eplugin leakage</a> - and <a href="http://ha.ckers.org/weird/CSS-history.cgi">history - disclosure</a>, followed closely by cookie theft by exit nodes and tracking by - adservers (see the <a href="design/index.html.en#adversary">Torbutton Adversary - Model</a> for more information). 
However, with Torbutton installed in tandem - and always enabled, it is possible to configure FoxyProxy securely (though it - is tricky). Since FoxyProxy's 'Patterns' mode only applies to specific urls, - and not to an entire tab, setting FoxyProxy to only send specific sites - through Tor will still allow adservers (whose hosts don't match your filters) to learn your real IP. Worse, when - sites use offsite logging services such as Google Analytics, you will - still end up in their logs with your real IP. Malicious exit nodes can also - cooperate with sites to inject images into pages that bypass your filters. - Setting FoxyProxy to only send certain URLs via Non-Tor is much more secure in - this regard, but be very careful with the filters you allow. For example, - something as simple as allowing *google* to go via Non-Tor will still cause you to end up - in all the logs of all websites that use Google Analytics! See - <a href="http://foxyproxy.mozdev.org/faq.html#privacy-01">this question</a> on - the FoxyProxy FAQ for more information. - </p></li> - </ol> - - <a id="recommendedextensions"></a> - <strong><a class="anchor" href="#recommendedextensions">Which Firefox extensions do you recommend?</a></strong> - <ol> - <li><a href="https://addons.mozilla.org/firefox/addon/953">RefControl</a> - <p> - Mentioned above, this extension allows more fine-grained referrer spoofing - than Torbutton currently provides. It should break less sites than Torbutton's - referrer spoofing option.</p></li> - - <li><a href="https://addons.mozilla.org/firefox/addon/1474">SafeCache</a> - <p> - If you use Tor excessively, and rarely disable it, you probably want to - install this extension to minimize the ability of sites to store long term - identifiers in your cache. This extension applies same origin policy to the - cache, so that elements are retrieved from the cache only if they are fetched - from a document in the same origin domain as the cached element. 
- </p></li> - - <li><a href="https://addons.mozilla.org/en-US/firefox/addon/6623">Better - Privacy</a> - <p> - - Better Privacy is an excellent extension that protects you from cookies used - by Flash applications, which often persist forever and are not clearable via - normal Firefox "Private Data" clearing. Flash and all other plugins are - disabled by Torbutton by default, but if you are interested in privacy, you - may want this extension to allow you to inspect and automatically clear your - Flash cookies for your Non-Tor usage. - - </p> - </li> - <li><a href="https://addons.mozilla.org/firefox/addon/1865">AdBlock Plus</a> - <p> - - AdBlock Plus is an excellent addon for removing annoying, privacy-invading, - and <a - href="http://www.wired.com/techbiz/media/news/2007/11/doubleclick%22%3Emalware-dis...</a> - advertisements from the web. It provides - <a href="http://adblockplus.org/en/subscriptions">subscriptions</a> that are - continually updated to catch the latest efforts of ad networks to circumvent - these filters. I recommend the EasyPrivacy+EasyList combination filter - subscription in the Miscellaneous section of the subscriptions page. - - </p> - </li> - <li><a href="https://addons.mozilla.org/firefox/addon/82">Cookie Culler</a> - <p> - - Cookie Culler is a handy extension to give quick access to the cookie manager - in Firefox. It also provides the ability to protect certain cookies from - deletion, but unfortunately, this behavior does not integrate well with Torbutton. - - </p> - </li> - - <li><a href="https://addons.mozilla.org/en-US/firefox/addon/722">NoScript</a> - <p> - Torbutton currently mitigates all known anonymity issues with Javascript. - However, if you are concerned about Javascript exploits against your browser - or against websites you are logged in to, you may want to use NoScript. 
It - provides the ability to allow Javascript only for particular websites - and also provides mechanisms to force HTTPS urls for sites with - <a href="http://fscked.org/category/tags/insecurecookies">insecure - cookies</a>.<br> - - It can be difficult to configure such that the most sites will work - properly though. In particular, you want to make sure you do not remove - the Javascript whitelist for - addons.mozilla.org, as extensions are downloaded via http and verified by - javascript from the https page. - - </p></li> - <li><a href="https://addons.mozilla.org/en-US/firefox/addon/9727/">Request - Policy</a> - <p> - - Request Policy is similar to NoScript in that it requires that you configure - which sites are allowed to load content from other domains. It can be very - difficult for novice users to configure properly, but it does provide a good - deal of protection against ads, injected content, and cross-site request - forgery attacks. - - </p> - </li> - - </ol> - - <a id="securityissues"></a> - <strong><a class="anchor" href="#securityissues">Are there any other issues I should be concerned about?</a></strong> - - <p> - There are a few known security issues with Torbutton (all of which are due to - <a href="design/index.html.en#FirefoxBugs">unfixed - Firefox security bugs</a>). The most important for anonymity is that it is - possible to unmask the javascript hooks that wrap the Date object to conceal - your timezone in Firefox 2, and the timezone masking code does not work at all - on Firefox 3. We are working with the Firefox team to fix one of <a - href="https://bugzilla.mozilla.org/show_bug.cgi?id=392274%22%3EBug 399274</a> or - <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=419598">Bug 419598</a> - to address this. In the meantime, it is possible to set the <b>TZ</b> - environment variable to <b>UTC</b> to cause the browser to use UTC as your - timezone. 
Under Linux, you can add an <b>export TZ=UTC</b> to the - /usr/bin/firefox script, or edit your system bashrc to do the same. Under - Windows, you can set either a <a - href="http://support.microsoft.com/kb/310519%22%3EUser or System Environment - Variable</a> for TZ via My Computer's properties. In MacOS, the situation is - <a - href="http://developer.apple.com/documentation/MacOSX/Conceptual/BPRuntimeConfig/A... - lot more complicated</a>, unfortunately. - </p> - - <p> - In addition, RSS readers such as Firefox Livemarks can perform - periodic fetches. Due to <a - href="https://bugzilla.mozilla.org/show_bug.cgi?id=436250%22%3EFirefox Bug - 436250</a>, there is no way to disable Livemark fetches during Tor. This can - be a problem if you have a lot of custom Livemark urls that can give away - information about your identity. - </p> - </div> + + </div> <!-- END MAINCOL --> <div id = "sidecol"> #include "side.wmi"
Modified: website/trunk/torbutton/en/torbutton-options.wml =================================================================== --- website/trunk/torbutton/en/torbutton-options.wml 2013-03-25 22:48:25 UTC (rev 26133) +++ website/trunk/torbutton/en/torbutton-options.wml 2013-03-26 04:38:32 UTC (rev 26134) 
@@ -11,257 +11,27 @@ </div> <div id="maincol"> <!-- PUT CONTENT AFTER THIS TAG --> - - <h2>Torbutton Options</h2> + + <h2>Torbutton</h2> <hr> - - <p>Torbutton 1.2.0 adds several new security features to protect your - anonymity from all the major threats we know about. The defaults should be - fine (and safest!) for most people, but in case you are the tweaker type, - or if you prefer to try to outsource some options to more flexible extensions, - here is the complete list. (In an ideal world, these descriptions should all be - tooltips in the extension itself, but Firefox bugs <a - href="https://bugzilla.mozilla.org/show_bug.cgi?id=45375%22%3E45375</a> and <a - href="https://bugzilla.mozilla.org/show_bug.cgi?id=218223%22%3E218223</a> currently - prevent this.)</p> - - <ul> - <li>Disable plugins on Tor Usage (crucial)<p> - - This option is key to Tor security. Plugins perform their own networking - independent of the browser, and many plugins only partially obey even their own - proxy settings. - </p></li> - <li>Isolate Dynamic Content to Tor State (crucial)<p> - - Another crucial option, this setting causes the plugin to disable Javascript - on tabs that are loaded during a Tor state different than the current one, - to prevent delayed fetches of injected URLs that contain unique identifiers, - and to prevent meta-refresh tags from revealing your IP when you turn off - Tor. It also prevents all fetches from tabs loaded with an opposite Tor - state. This serves to block non-Javascript dynamic content such as CSS - popups from revealing your IP address if you disable Tor. - </p></li> - <li>Hook Dangerous Javascript (crucial)<p> - - This setting enables the Javascript hooking code. Javascript is injected into - pages to hook the Date object to mask your timezone, and to hook the navigator - object to mask OS and user agent properties not handled by the standard - Firefox user agent override settings. 
- </p></li> - <li>Resize window dimensions to multiples of 50px on toggle (recommended)<p> - - To cut down on the amount of state available to fingerprint users uniquely, - this pref causes windows to be resized to a multiple of 50 pixels on each - side when Tor is enabled and pages are loaded. - </p></li> - <li>Disable Updates During Tor (recommended)<p> - - Under Firefox 2, many extension authors did not update their extensions from - SSL-enabled websites. It is possible for malicious Tor nodes to hijack these extensions and replace them with malicious ones, or add malicious code to - existing extensions. Since Firefox 3 now enforces encrypted and/or - authenticated updates, this setting is no longer as important as it once - was (though updates do leak information about which extensions you have, it is - fairly infrequent). - </p></li> - <li>Disable Search Suggestions during Tor (optional)<p> - - This optional setting governs if you get Google search suggestions during Tor - usage. Since no cookie is transmitted during search suggestions, this is a - relatively benign behavior. - </p></li> - <li>Block Livemarks updates during Tor usage (recommended)<p> - - This setting causes Torbutton to disable your <a - href="http://www.mozilla.com/firefox/livebookmarks.html%22%3ELive bookmark</a> - updates. Since most people use Live bookmarks for RSS feeds from their blog, - their friends' blogs, the wikipedia page they edit, and other such things, - these updates probably should not happen over Tor. This feature takes effect - in Firefox 3.5 and above only. - - </p></li> - <li>Block Tor/Non-Tor access to network from file:// urls (recommended)<p> - - These settings prevent local html documents from transmitting local files to - arbitrary websites <a href="http://www.gnucitizen.org/blog/content-disposition-hacking/">under Firefox 2</a>. 
Since exit nodes can insert headers that - force the browser to save arbitrary pages locally (and also inject script into - arbitrary html files you save to disk via Tor), it is probably a good idea to - leave this setting on. - </p></li> - <li>Close all Non-Tor/Tor windows and tabs on toggle (optional)<p> - - These two settings allow you to obtain a greater degree of assurance that - after you toggle out of Tor, the pages are really gone and can't perform any - extra network activity. Currently, there is no known way that pages can still - perform activity after toggle, but these options exist as a backup measure - just in case a flaw is discovered. They can also serve as a handy 'Boss - Button' feature for clearing all Tor browsing off your screen in a hurry. - </p></li> - <li>Isolate access to history navigation to Tor state (crucial)<p> - - This setting prevents both Javascript and accidental user clicks from causing - the session history to load pages that were fetched in a different Tor state - than the current one. Since this can be used to correlate Tor and Non-Tor - activity and thus determine your IP address, it is marked as a crucial - setting. - </p></li> - <li>Block History Reads during Tor (crucial)<p> - - Based on code contributed by <a href="http://www.collinjackson.com/">Collin - Jackson</a>, when enabled and Tor is enabled, this setting prevents the - rendering engine from knowing if certain links were visited. This mechanism - defeats all document-based history disclosure attacks, including CSS-only - attacks. - </p></li> - <li>Block History Reads during Non-Tor (recommended)<p> - - This setting accomplishes the same but for your Non-Tor activity. - </p></li> - <li>Block History Writes during Tor (recommended)<p> - - This setting prevents the rendering engine from recording visited URLs, and - also disables download manager history. 
Note that if you allow writing of Tor history, - it is recommended that you disable non-Tor history reads, since malicious - websites you visit without Tor can query your history for .onion sites and - other history recorded during Tor usage (such as Google queries). - </p></li> - <li>Block History Writes during Non-Tor (optional)<p> - - This setting also disables recording any history information during Non-Tor - usage. - </p></li> - <li>Clear History During Tor Toggle (optional)<p> - - This is an alternate setting to use instead of (or in addition to) blocking - history reads or writes. - </p></li> - <li>Block Password+Form saving during Tor/Non-Tor<p> - - These options govern if the browser writes your passwords and search - submissions to disk for the given state. - </p></li> - <li>Block Tor disk cache and clear all cache on Tor Toggle<p> - - Since the browser cache can be leveraged to store unique identifiers, cache - must not persist across Tor sessions. This option keeps the memory cache active - during Tor usage for performance, but blocks disk access for caching. - </p></li> - <li>Block disk and memory cache during Tor<p> - - This setting entirely blocks the cache during Tor, but preserves it for - Non-Tor usage. - </p></li> - <li>Clear Cookies on Tor Toggle<p> - - Fully clears all cookies on Tor toggle. - </p></li> - <li>Store Non-Tor cookies in a protected jar<p> - - This option stores your persistent Non-Tor cookies in a special cookie jar - file, in case you wish to preserve some cookies. Based on code contributed - by <a href="http://www.collinjackson.com/">Collin Jackson</a>. It is - compatible with third party extensions that you use to manage your Non-Tor - cookies. Your Tor cookies will be cleared on toggle, of course. - </p></li> - <li>Store both Non-Tor and Tor cookies in a protected jar (dangerous)<p> - - This option stores your persistent Tor and Non-Tor cookies - separate cookie jar files. 
Note that it is a bad idea to keep Tor - cookies around for any length of time, as they can be retrieved by exit - nodes that inject spoofed forms into plaintext pages you fetch. - </p></li> - <li>Manage My Own Cookies (dangerous)<p> - - This setting allows you to manage your own cookies with an alternate - extension, such as <a href="https://addons.mozilla.org/firefox/addon/82">CookieCuller</a>. Note that this is particularly dangerous, - since malicious exit nodes can spoof document elements that appear to be from - sites you have preserved cookies for (and can then do things like fetch your - entire gmail inbox, even if you were not using gmail or visiting any google - pages at the time!). - </p></li> - <li>Do not write Tor/Non-Tor cookies to disk<p> - - These settings prevent Firefox from writing any cookies to disk during the - corresponding Tor state. If cookie jars are enabled, those jars will - exist in memory only, and will be cleared when Firefox exits. - </p></li> - <li>Disable DOM Storage during Tor usage (crucial)<p> - - Firefox has recently added the ability to store additional state and - identifiers in persistent tables, called <a - href="http://developer.mozilla.org/docs/DOM:Storage%22%3EDOM Storage</a>. - Obviously this can compromise your anonymity if stored content can be - fetched across Tor-state. - </p></li> - <li>Clear HTTP auth sessions (recommended)<p> - - HTTP authentication credentials can be probed by exit nodes and used to both confirm that you visit a certain site that uses HTTP auth, and also impersonate you on this site. - </p></li> - <li>Clear cookies on Tor/Non-Tor shutdown<p> - - These settings install a shutdown handler to clear cookies on Tor - and/or Non-Tor browser shutdown. It is independent of your Clear Private Data - settings, and does in fact clear the corresponding cookie jars. 
- </p></li> - <li>Prevent session store from saving Tor-loaded tabs (recommended)<p> - - This option augments the session store to prevent it from writing out - Tor-loaded tabs to disk. Unfortunately, this also disables your ability to - undo closed tabs. The reason why this setting is recommended is because - after a session crash, your browser will be in an undefined Tor state, and - can potentially load a bunch of Tor tabs without Tor. The following option - is another alternative to protect against this. - </p></li> - <li>On normal startup, set state to: Tor, Non-Tor, Shutdown State<p> - - This setting allows you to choose which Tor state you want the browser to - start in normally: Tor, Non-Tor, or whatever state the browser shut down in. - </p></li> - <li>On crash recovery or session restored startup, restore via: Tor, Non-Tor<p> - - When Firefox crashes, the Tor state upon restart usually is completely - random, and depending on your choice for the above option, may load - a bunch of tabs in the wrong state. This setting allows you to choose - which state the crashed session should always be restored in to. - </p></li> - <li>Prevent session store from saving Non-Tor/Tor-loaded tabs<p> - - These two settings allow you to control what the Firefox Session Store - writes to disk. Since the session store state is used to automatically - load websites after a crash or upgrade, it is advisable not to allow - Tor tabs to be written to disk, or they may get loaded in Non-Tor - after a crash (or the reverse, depending upon the crash recovery setting, - of course). - </p></li> - <li>Set user agent during Tor usage (crucial)<p> - - User agent masking is done with the idea of making all Tor users appear - uniform. A recent Firefox 2.0.0.4 Windows build was chosen to mimic for this - string and supporting navigator.* properties, and this version will remain the - same for all TorButton versions until such time as specific incompatibility - issues are demonstrated. 
Uniformity of this value is obviously very important - to anonymity. Note that for this option to have full effectiveness, the user - must also allow Hook Dangerous Javascript ensure that the navigator.* - properties are reset correctly. The browser does not set some of them via the - exposed user agent override preferences. - </p></li> - <li>Spoof US English Browser<p> - - This option causes Firefox to send http headers as if it were an English - browser. Useful for internationalized users. - </p></li> - <li>Don't send referrer during Tor Usage<p> - - This option disables the referrer header, preventing sites from determining - where you came from to visit them. This can break some sites, however. <a - href="http://www.digg.com%22%3EDigg</a> in particular seemed to be broken by this. - A more streamlined, less intrusive version of this option should be available - eventually. In the meantime, <a - href="https://addons.mozilla.org/firefox/addon/953%22%3ERefControl</a> can - provide this functionality via a default option of <b>Forge</b>. - </p></li> - </ul> - </div> + + <p> + Torbutton is the component in <a href="<page projects/torbrowser>">Tor + Browser Bundle</a> that takes care of application-level + security and privacy concerns in Firefox. To keep you safe, + Torbutton disables many types of active content. + </p> + + <p> + Now that the <a href="<page projects/torbrowser>">Tor Browser + Bundle</a> includes a patched version of Firefox, and because we don't + have enough developer resources to keep up with the accelerated + Firefox release schedule, the toggle model of Torbutton is <a + href="https://blog.torproject.org/blog/toggle-or-not-toggle-end-torbutton%22%3Eno + longer supported</a>. <b>Users should be using Tor Browser Bundle, + not installing Torbutton themselves.</b> + </p> + </div> <!-- END MAINCOL --> <div id = "sidecol"> #include "side.wmi"
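Review bot: The two replacement paragraphs at the end of this hunk say only that Torbutton "disables many types of active content", while the removed list carried the security rationale for each setting (history isolation across Tor state, clearing Tor cookies and HTTP auth sessions, keeping Tor-loaded tabs out of the session store). Consider naming the protections that still apply in Tor Browser Bundle, or linking to the general FAQ entries the log message says were moved, so readers arriving at this page keep that context. The bold sentence also tells users not to install Torbutton themselves but gives no guidance for someone who already runs a toggle-mode install; one sentence on what they should do would close that gap.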
tor-commits@lists.torproject.org