Browser dos/don'ts ( was Re: Incognito Live CD using Polipo)
Robert Hogan
robert at roberthogan.net
Mon Oct 15 17:49:17 UTC 2007
On Sunday 14 October 2007 19:50:38 phobos at rootme.org wrote:
> On Sat, Oct 13, 2007 at 09:21:40AM +0100, robert at roberthogan.net wrote 0.9K
bytes in 30 lines about:
> : Do:
> : Spoof user-agent (is this necessary even with javascript disabled?)
> : (browser)
>
> Arguably, unless you're using BobnJoe's browser, any of the popular ones
> should provide sufficient numbers (firefox, safari, opera, ie).
>
konqueror, a bobnjoe browser if ever there was one, can only turn off sending
the user-agent and spoof it for selected websites. it doesn't even support
regexes.
> : Spoof http-headers as though a US english browser (browser/privacy
> : proxy?)
>
> Only if you want to appear as coming from the US, and if you read
> English. If you're in UAE and spoofing US English, then you may stand
> out for being different.
>
But no-one should know you're in the UAE because you're using tor. Or have I
missed your point?
> : Do not:
> : Use tabs (enforced/recommended by controller?)
>
> Why?
>
> : Keep the browser open when finished 'using tor' (enforced/recommended by
> : controller?)
>
> If your browser properly cleans up and you've disabled everything,
> chances are this isn't that big of a deal.
for both, javascript timers apparently. a separate browser or open-and-close
browser session seems to be the thing.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20071015/17e2b670/attachment.pgp>
More information about the tor-talk
mailing list