Another Method to Block Java Hijinks

James Muir jamuir at scs.carleton.ca
Thu Apr 5 21:10:51 UTC 2007


norvid wrote:
> On 4/5/07, James Muir <jamuir at scs.carleton.ca> wrote:
>> norvid wrote:
> 
> <snip>
> 
>> I've heard that properly configuring a firewall can be tricky.  In any
>> case, using a firewall still doesn't protect from Java applets reading
>> identifying information locally and sending it back through the
>> anonymous connection.
> 
> Actually, I believe that with the browser denied access to the
> internet, the normal 2-way java applet communication is prevented.
> Please try the test I mentioned.

In the tests that I have done previously, the Java VM inherits the proxy 
settings listed in the browser (at least this is what is supposed to 
happen; sometimes this does not happen).  So if the browser is 
configured to use Privoxy and these setting are communicated correctly 
to the Java VM, what is there to stop a Java applet from sending back 
data through Privoxy?

-James



More information about the tor-talk mailing list