Tor,security and web-usability - Sorry, now readable with line-breaks...

Ringo Kamens 2600denver at
Tue Jun 13 11:35:49 UTC 2006

You should have a firewall set up that only lets firefox/privoxy connect to, that way you can be sure it isn't leaking anything.

On 6/13/06, Fabian Keil <freebsd-listen at> wrote:
> abacus.01 at wrote:
> > Does that mean one theoretically had to deinstall
> > Flash before surfing with Tor?
> Not to install Flash in the first place would be
> an even better idea.
> > The same question applies to Windows Media Player on
> > the Mac, this is not secure to surf
> > with, is it? Is a deinstallation also required before
> > achieving an acceptable security level?
> Depends on what kind of security you are talking about.
> I read several Privoxy problem reports about
> Windows Media Player ignoring the proxy settings
> and calling out directly, but you could use a
> transparent proxy to force Windows Media Player
> to use Tor.
> Of course Windows Media Player could still send private
> information through Tor, so yes, if you don't
> trust Windows Media Player to behave, you probably
> should delete or at least disable it.
> > Given the fact, that more and more parts of the web
> > rely increasingly on Java/Javascript
> > and multimedia enhanced features, are security related
> > efforts not really a rearguard
> > action?
> I disabled JavaScript years ago and don't have
> the impression that it's getting harder to surf
> without it.
> > Besides the problems of traceabilty that might result
> > for Tor if one uses Java/Javascript,
> > could it be a reasonable strategy to add a layer of
> > obfuscation by employing second and
> > third operating systems via emulation (e.g. inside a
> > otherwise inaccessible truecrypt
> > partition (which is not yet feasible on the mac)?
> It certainly would improve security, but if you just want
> to hide your IP address, a proper firewall configuration
> should be good enough (provided your on a private LAN
> and Java only sees your private LAN IP). You could use
> chroot, jails or systrace (if MacOS offers one them) to
> make sure the browser doesn't broadcast your mails.
> I also don't understand why you would want to encrypt
> the partition of the emulated OS. The goal is to secure
> the host system from the browser, not the other way
> around.
> Fabian
> --
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the tor-talk mailing list