[tor-talk] Basic questions from new user but...
Joe Btfsplk
joebtfsplk at gmx.com
Thu May 10 23:36:28 UTC 2012
On 5/10/2012 3:45 PM, Andrew Lewman wrote:
> On Wed, 9 May 2012 17:56:34 -0600
> Elena Johnson<mmaioyp at hotmail.com> wrote:
>> 1) Can I ANONYMOUSLY allow scripts for hotmail, gmail and yahoo mail
>> using Tor browser?
> The answer is here,
> https://www.torproject.org/docs/faq.html.en#TBBJavaScriptEnabled
Isn't this approach very much a double edged sword? From the link:
> However, we recommend that even users who know how to use NoScript
> leave JavaScript enabled if possible, because a website or exit node
> can easily distinguish users who disable JavaScript from users who use
> Tor Browser bundle with its default settings (thus users who disable
> JavaScript are less anonymous).
It may be true that changing settings makes one's profile different, but
from all I've ever read, java script is responsible for more malicious
browser attacks than anything. That's not so good.
Can someone explain to non-Tor network experts in layman's terms (25
words or < ) :D, what exactly some one / entity HAS to be able to do in
order to profile that Joe has java script disabled, & then be able to
tie it to MY (dynamic) IP address - at * that * moment (an address that
could change anytime), or to me physically, sitting here at 123 Oak St.,
Bumfk, ND?
Then, what are the REAL world odds that out of all the exit nodes
traffic, which are constantly changing users, that someone can monitor
enough nodes AND be able to tie it directly to ONE specific person, w/ a
real name & physical address? Are we talking that any 12 yr old w/ the
right, free software can do this, or "theoretically"?
Thanks.
More information about the tor-talk
mailing list