[tor-talk] An external application is needed...

bao song michaelwprx at yahoo.com.au
Sat Mar 10 08:49:35 UTC 2012


Once upon a time, if one clicked on a non-html link (pdf, doc, etc.) one got the warning that opening the document might unmask one. 

This warning is clearly valid for some documents, because they automatically connect to web-based resources to download linked files and images without going through Tor.

If, however, one right-clicked and selected 'download', no warning appeared, just the download dialogue box.

Now, however, even if one right-clicks and selects 'download' the warning usually appears. In earlier versions of TBB, the warning was sporadic, with the TBB sometimes giving the warning, and sometimes giving the download dialogue box, but now the warning seems to be consistent: try to download any file, and TBB issues the warning that the user is about to open a file that could unmask the user.

And I suppose there is some validity here: if one downloads a file with active links and then opens it, it may well automatically connect back and inform who, exactly, is viewing that file.

I don't think Word or Adobe Reader automatically connect external links without warning the user, but I could be wrong.

***

I would like to note that excessive security tends to convince the user that all security is excessive, until users just click 'Ignore' to every warning, so it is best if warning are limited to serious threats.

So my question is: do Adobe Reader and Word document automatically connect to download images and links without going through Tor, or do they just display links that the users must activate to download the content and thereby expose themselves? And if they give such warnings, why does TBB warn users against downloading them?



More information about the tor-talk mailing list