[tor-talk] Flash, Linux and Tor
adrelanos
adrelanos at riseup.net
Fri Oct 12 11:38:34 UTC 2012
Outlaw:
> Hi! Let`s say main linux user A is cut off from Internet with iptables,
> user B starts Tor. If I run TorBrowser by user A, connect it to Tor
> (which is started by B) with socks and turn on flash plugin, is there
> any security/anonimity leak in this scheme? Thank you.
If you ever use or used Flash without Tor, your Tor session can likely
be linked to your non-Tor session. (Flash Cookies, browser fingerprint,
fonts, os, kernel, dpi, etc.)
I believe my project Whonix is currently the safest method to use Flash.
IP/DNS/location remains safe, but Flash usage will always be only
pseudonymous rather than anonymous. Linking your sessions will be
limited to your activity inside the Workstation. Details:
http://sourceforge.net/p/whonix/wiki/Applications/#browser-plugins
Screenshots:
http://sourceforge.net/p/whonix/wiki/Screenshots/#flash-leak-test-socksport-and-transport
http://sourceforge.net/p/whonix/wiki/Screenshots/#flash-leak-test-both-transport
More information about the tor-talk
mailing list