is Java unsafe to use with Tor?

James Muir jamuir at cs.smu.ca
Sat Oct 20 11:46:46 UTC 2007


tor user wrote:
> Greetings, 
> 
> (I'm not sure if this is exactly the right place to
> discuss this, but it pertains to using proxies in Java
> in a possibly unsafe manner, and this sort of thing
> seems to only matter to users of Tor)
> 
> If I have a Java program, and I do something like the
> following: 
> 
> // Route every java.net HTTP connection in this JVM through 127.0.0.1:8118
> Properties systemSettings = System.getProperties();
> systemSettings.put("http.proxyHost", "127.0.0.1");
> systemSettings.put("http.proxyPort", "8118");
> System.setProperties(systemSettings);
> 
> This has the effect that all HTTP connections
> following will be proxied via port 8118 on localhost,
> where an instance of Privoxy might be listening. A
> problem soon arises however if for some reason,
> Privoxy isn't currently listening (for example, it
> crashes, or it is hosted on another system that has
> gone down, or whatever). In the case that nothing is
> listening on the intended port, Java will switch to
> making connections directly instead. This could be, of
> course, somewhat disastrous from a security POV. 
> 
> Are there any Java folks who have any insight about
> how the "feature" is disabled? The expected behavior
> should be that if the configured proxy is down,
> connections should fail (as they would in any other
> system). 
> 
> Or is Java just an unsafe system to try to be
> anonymous in? 

Java is not safe to use with Tor, or any other proxy-based anonymity 
system.  It is possible for applets to override any proxy settings you 
might have set (i.e. an applet running in your browser can disregard 
your proxy settings and make a direct connection to the internet).  For 
an example of this, you can have a look at my paper "Internet Geolocation 
and Evasion".

I have heard that it is possible to run your browser and JavaVM (and 
Flash and JavaScript, if you want) inside a larger virtual machine. 
This is what JanusVM does.  If you really want to use Java with Tor, 
then you could try that.

-James
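The program below is an added example written for this page; it is not code from either poster, from the Tor project, or from Privoxy. It reproduces the fail-open behaviour described in the quoted question entirely on the loopback interface, and then shows the fail-closed alternative: passing a java.net.Proxy object to URL.openConnection(Proxy) instead of relying on the http.proxyHost/http.proxyPort system properties. The destination is a constructed local HttpServer that counts the requests reaching it; the "crashed proxy" is a loopback port that was reserved and released so nothing listens on it. Assumptions: the fallback is the one in OpenJDK's sun.net.www.protocol.http.HttpURLConnection (when every proxy from the default ProxySelector fails to connect, it opens a direct connection; a per-connection Proxy has no such fallback), and setting http.nonProxyHosts to the empty string disables the default localhost|127.* bypass so the loopback target is treated like any other host. Class and variable names are the example's own.

```java
// ProxyFailClosedDemo.java -- added example, not from the original thread.
// Run with: javac ProxyFailClosedDemo.java && java ProxyFailClosedDemo
import com.sun.net.httpserver.HttpServer;
import java.io.IOException;
import java.net.ConnectException;
import java.net.HttpURLConnection;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Proxy;
import java.net.ServerSocket;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.concurrent.atomic.AtomicInteger;

public class ProxyFailClosedDemo {

    /** Reserve a loopback port and release it again, so that nothing is
     *  listening on it: this stands in for a Privoxy that has crashed. */
    static int deadPort() throws IOException {
        try (ServerSocket s = new ServerSocket(0, 1, InetAddress.getLoopbackAddress())) {
            return s.getLocalPort();
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed destination: a loopback HTTP server that counts every
        // request that reaches it. Through a working proxy it would see none
        // that bypass the proxy; any hit here while the proxy is down is a leak.
        AtomicInteger directHits = new AtomicInteger();
        HttpServer dest = HttpServer.create(
                new InetSocketAddress(InetAddress.getLoopbackAddress(), 0), 0);
        dest.createContext("/", ex -> {
            directHits.incrementAndGet();
            byte[] body = "leaked".getBytes(StandardCharsets.US_ASCII);
            ex.sendResponseHeaders(200, body.length);
            ex.getResponseBody().write(body);
            ex.close();
        });
        dest.start();
        URL target = new URL("http://127.0.0.1:" + dest.getAddress().getPort() + "/");
        int proxyPort = deadPort();

        try {
            // 1. The approach from the quoted question: JVM-wide properties.
            System.setProperty("http.proxyHost", "127.0.0.1");
            System.setProperty("http.proxyPort", Integer.toString(proxyPort));
            // The default http.nonProxyHosts bypasses localhost|127.*|[::1];
            // clear it (assumption: empty string means "bypass nothing") so the
            // loopback destination is supposed to go via the proxy like any host.
            System.setProperty("http.nonProxyHosts", "");
            HttpURLConnection viaProps = (HttpURLConnection) target.openConnection();
            int rc = viaProps.getResponseCode();
            // Expected: HTTP 200 and 1 direct hit -- the JVM silently fell back
            // to a direct connection when the configured proxy refused.
            System.out.println("system properties, proxy down: HTTP " + rc
                    + ", direct hits on destination = " + directHits.get());

            // 2. Fail closed: bind the proxy to this connection object. With an
            // explicit Proxy, HttpURLConnection has no direct-connection fallback.
            int before = directHits.get();
            Proxy proxy = new Proxy(Proxy.Type.HTTP,
                    new InetSocketAddress("127.0.0.1", proxyPort));
            try {
                HttpURLConnection viaProxy = (HttpURLConnection) target.openConnection(proxy);
                viaProxy.getResponseCode();
                System.out.println("explicit Proxy, proxy down: unexpected success");
            } catch (ConnectException e) {
                // Expected: the request fails and the destination sees no new hit.
                System.out.println("explicit Proxy, proxy down: " + e.getMessage()
                        + ", new direct hits = " + (directHits.get() - before));
            }
        } finally {
            dest.stop(0);
        }
    }
}
```

Two caveats for anyone relying on the second half. First, openConnection(Proxy) only protects the connections your own code opens that way; anything else in the same JVM that uses the default ProxySelector, including third-party libraries and, as the reply above notes, applets, is still subject to the property-based fallback. Second, the example only demonstrates the TCP path; it says nothing about where hostnames are resolved, which is a separate question to check before trusting any proxy configuration with Tor.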



More information about the tor-talk mailing list