Privoxy and Java Re: Building tracking system to nab Tor
Dave Jevans
djevans at ironkey.com
Wed Mar 7 06:23:04 UTC 2007
Privoxy routes DNS through TOR.
Question: does Java in a browser run through the browser's IP stack?
If so, its DNS packets would go through the SOCKS proxy and Privoxy,
then TOR. Right?
At 9:46 PM -0800 3/6/07, Michael_google gmail_Gersten wrote:
>Well, first, this is just the normal exit node exposure of tor.
>
>The exit node in your circuit gets to see the raw communication
>between you and your destination. If you are using an SSL channel
>(SSH, https, etc) then nothing is a problem. Otherwise, the exit node
>can do things like spy on usernames and passwords, etc.
>
>There are already sites that modify the HTML of web pages going
>through them -- I've had scripts munged on some sites, for example --
>and this is just another case of that.
>
>Now, I believe tor allows you do exclude nodes from ever being used as
>exit nodes.
>
>On 3/6/07, Fergie <fergdawg at netzero.net> wrote:
>>Hmmm.
>>
>> http://blogs.zdnet.com/security/?p=114
>>
>>Comments?
>>
>>
>>--
>>"Fergie", a.k.a. Paul Ferguson
>> Engineering Architecture for the Internet
>> fergdawg(at)netzero.net
>> ferg's tech blog: http://fergdawg.blogspot.com/
More information about the tor-talk
mailing list