Warnings on the download page
James Muir
jamuir at scs.carleton.ca
Fri Mar 9 04:37:59 UTC 2007
Watson Ladd wrote:
>>> If there is a security manager, its checkConnect method is called
>>> with the proxy host address and port number as its arguments. This
>>> could result in a SecurityException.
> Just configure the security manager to prevent unproxyed connections.
Even if all Java connections are proxied through Tor, it is still
possible to read the end user's IP address locally and submit it to the
server that originated the applet. Java, along with all other browser
plugins, should be disabled.
By the way, I just had another look at Roger and Mike's warning on the
download page (it's now repositioned above the download links). I think
it's very well done. Good work!
-James
More information about the tor-talk
mailing list