[or-cvs] r9766: mention quicktime explicitly, and mention the exit node issu (website/trunk/en)

arma at seul.org arma at seul.org
Thu Mar 8 12:01:24 UTC 2007 

Author: arma
Date: 2007-03-08 07:01:21 -0500 (Thu, 08 Mar 2007)
New Revision: 9766

Modified:
   website/trunk/en/download.wml
Log:
mention quicktime explicitly, and mention the exit node issue
explicitly too.


Modified: website/trunk/en/download.wml
===================================================================
--- website/trunk/en/download.wml	2007-03-08 10:22:19 UTC (rev 9765)
+++ website/trunk/en/download.wml	2007-03-08 12:01:21 UTC (rev 9766)
@@ -118,7 +118,7 @@
 </p>
 
 <p>First, Tor only protects applications that are configured to
-send their traffic through Tor -- it doesn't magically anonymize
+send their traffic through Tor &mdash; it doesn't magically anonymize
 all your traffic just because you install it.  We recommend you
 use <a href="http://www.mozilla.org/firefox">Firefox</a> with the <a
 href="https://addons.mozilla.org/firefox/2275/">Torbutton</a> extension.
@@ -127,11 +127,11 @@
 </p>
 
 <p>Second, browser plugins such as Java, Flash, ActiveX, RealPlayer,
-Adobe's PDF plugin, and others can be manipulated
+Quicktime, Adobe's PDF plugin, and others can be manipulated
 into revealing your IP address. We recommend the <a
 href="https://addons.mozilla.org/firefox/1237/">QuickJava</a> and <a
 href="https://addons.mozilla.org/firefox/433/">FlashBlock</a> extensions,
-and you should probably disable <a href="about:plugins">plugins</a>
+and you should probably uninstall other <a href="about:plugins">plugins</a>
 in general.
 <!-- You may also find
 <a href="https://addons.mozilla.org/firefox/722/">NoScript</a> and <a
@@ -139,7 +139,7 @@
 </p>
 
 <p>Third, beware of cookies: if you ever browse without Tor and Privoxy
-and a site gives you a cookie, that cookie can identify you even when
+and a site gives you a cookie, that cookie could identify you even when
 you start using Tor again. You should clear your cookies frequently. <a
 href="https://addons.mozilla.org/firefox/82/">CookieCuller</a> can help
 protect any cookies you do not want to lose.
@@ -149,13 +149,17 @@
 and it encrypts everything inside the Tor network, but <a
 href="http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ExitEavesdroppers">it
 can't encrypt your traffic between the Tor network and its final
-destination.</a> If you
-are communicating sensitive information, you should use the same level
-of care that you would on the normal scary Internet -- use SSL or other
-end-to-end encryption and authentication approaches.
+destination.</a>
+If you are communicating sensitive information, you should use as much
+care as you would on the normal scary Internet &mdash; use SSL or other
+end-to-end encryption and authentication. Also, while Tor blocks attackers
+on your local network from discovering or influencing your destination,
+it opens new risks: malicious or misconfigured Tor exit nodes can send
+you the wrong page, or even send you embedded Java applets disguised as
+domains you trust.
 </p>
 
-<p>Lastly, be smart and learn more. Understand what Tor offers and what
+<p>Last, be smart and learn more. Understand what Tor offers and what
 it doesn't offer. This list of pitfalls isn't complete, and we need your
 help <a href="<page volunteer>#Documentation">identifying and documenting
 all the issues</a>.

More information about the tor-commits mailing list