[tor-talk] wget - secure?

Joseph Lorenzo Hall joehall at gmail.com
Wed Apr 18 17:00:21 UTC 2012

On Wed, Apr 18, 2012 at 4:56 AM, Maxim Kammerer <mk at dee.su> wrote:
> On Wed, Apr 18, 2012 at 11:37, Robert Ransom <rransom.8774 at gmail.com> wrote:
>> Which version of wget did you audit?  What information leaks did you
>> check for during your audit?
> I should have known I would get useless replies with zero informative
> content to that summary. Wget does not resolve hostnames when it uses
> a proxy. Many programs do (e.g., Midori does, and Pidgin did at one
> point, if I am not mistaken), but wget doesn't. Wget is therefore safe
> to use via Tor. Do you have any specific information saying otherwise,
> besides the obvious “no one should ever claim that anything is 100%
> anything, ever”? Note that I originally replied to a post by Runa
> Sandvik which was entirely wrong and needed correction, and that you
> are quoting a summary. What is your contribution to this thread
> exactly?

I'm sorry, but I think you have it backwards in terms of uselessness
of replies on this thread.  Ransom asked you a series of cordial,
pointed questions wondering under what configuration you determined
wget does not leak.  The underlying point is that it would be neat if
you've done a comprehensive analysis of a specific version of Tor,
etc., etc.

That would be useful to know. best, Joe

Joseph Lorenzo Hall
Postdoctoral Research Fellow
Media, Culture and Communication
New York University

More information about the tor-talk mailing list