Tor Leaking

Fabian Keil freebsd-listen at
Wed Jun 14 14:05:06 UTC 2006

Simon Callow <simoncallow68 at> wrote:

> I came across a privacy blog that says even when you
> set up Tor correctly it still leaks sometimes. It says
> And you Thought you were Safe!—You’ve installed that
> proxy chain. You've shooed away the two Jays—those
> attractive, brightly coloured birds that prove just
> that little bit too inquisitive for comfort. You’ve
> done everything correctly—by the book. So you call up
> your favourite search engine, enter your favourite
> topic, and soon you’re clicking away on one link after
> another, sure in the knowledge that Big Brother
> doesn’t know what sites you’re visiting. Right? 

> Wrong! Some of those clicks will be putting a smile on
> Big Brother’s face. And no need to feel so smug, all
> you Tor users—yes, we mean you too! 
> It's at They
> are not against Tor as they’re running a campaign
> supporting it and they seem to know a lot about
> privacy.

Do you have additional links were they actually bring
in some information about what "leaks" and "fingerprints"
they are talking about?

To me they don't look were knowledgeable at all,
the blog doesn't even display correctly in my browser.
Also taken from:

|Your Fingerprints, Please: Digital of Course!—It’s getting
|very difficult to surf without leaving your fingerprints behind.
|We campaign for a solution, and offer an interim one.

Am I the only one who didn't find their interim solutions?

|We could also get down and dirty (Tiffs is really good at
|that sort of thing. Ouch! Why did the Good Lord have to give
|women such powerful finger muscles? I bear the scars!): want
|to know the difference between SOCKS4 and SOCKS4a? No! We
|didn’t think so. But we’ll tell you in any case!

I didn't see where/if they explain the difference,
but if that's as "down and dirty" they get, the blog
seems to be pretty worthless. 

> I had a look through the archives and the
> Wiki and I can't find anything that would cause Tor to
> just leak sometimes.  If you've done it by the book
> then that would be with Privoxy so I thought there
> would be no DNS leakage.  If you have turned off Java
> and Javascript as they say they I thought you'd be
> okay apart from the sort of attack where someone looks
> at both ends of the line.  They seem to be saying that
> DNS leaks sometimes but not always.  But if Tor wasn't
> set up properly then it would leak all the time.  Am I
> missing something.

I think you're missing that they are probably just
spreading FUD to get attention and have either no real
information to offer, or are very good at hiding it.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
URL: <>

More information about the tor-talk mailing list