[tor-talk] Towards a Tor-safe Mozilla Thunderbird
tagnaq
tagnaq at gmail.com
Thu Sep 15 21:21:59 UTC 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hi,
I uploaded a document [1] to the Tor wiki. It is about application-level
privacy leaks in Thunderbird including proposed solutions. It would be
great to get some review/feedback - especially on the proposed solutions.
btw: I won't be able to reply in a timely manner in the next few days.
[1] http://bit.ly/qDZm7C
SHA1:6c84e6a2147ff53d01f96d876ba23a47a5329c92
Since the document was written, proposal 171 (stream separation) was
implemented/released in 0.2.3.3 [2] and new Thunderbird version were
released (but didn't address the problems yet).
To mitigate a certain problem (bugzilla: 684035) described in section
4.1.4.I recommend every Thunderbird user to set the following
preferences to true:
network.protocol-handler.warn-external.http
network.protocol-handler.warn-external.https
Related bugzilla tickets:
- - https://bugzilla.mozilla.org/show_bug.cgi?id=664633
- - https://bugzilla.mozilla.org/show_bug.cgi?id=669238
- - https://bugzilla.mozilla.org/show_bug.cgi?id=684035
[2] https://trac.torproject.org/projects/tor/ticket/1865
https://lists.torproject.org/pipermail/tor-talk/2011-September/021229.html
-----BEGIN PGP SIGNATURE-----
iF4EAREKAAYFAk5ybHYACgkQyM26BSNOM7aN6wD8DjqiHBldD1BXR1Y7qD+jpcGU
LCsjCo7/+QY/aYfVczMA/3UGO6cmYobkKYQ1ZYfhaIYr5h5wzp8I9RFu+dHHYpAN
=E8+o
-----END PGP SIGNATURE-----
More information about the tor-talk
mailing list