[tor-talk] Traced by my anti-virus?

dope457 dope457 at riseup.net
Thu Aug 1 15:59:02 UTC 2013


Hello,

1) It depends on the version of TBB/OS/AV. For example, an entry from TWN:

An anonymous reporter reported [11] a potential leak when using the Tor 
Browser Bundle 2.3.25-10 on Windows. If Microsoft Security Essentials or 
another cloud based anti-virus solution is configured, downloads will
automatically be sent to these external providers — bypassing Tor — once
complete.

The reporter suggested setting the
‘browser.download.manager.scanWhenDone’ property to ‘false’ to prevent
anti-virus solutions from starting without user interaction.

-- Turned out this affects only finished downloads.

   [11] https://bugs.torproject.org/9195

3) For forensics check out this paper:
https://research.torproject.org/techreports/tbb-forensic-analysis-2013-06-28.pdf

Hope this helps.

On 1.8.2013 13:08, Marcos Eugenio Kehl wrote:
>
>
> Hello Rainmakers!
>
> Questions for the experts:
>
> 1. Should I disable/shut down my anti-virus before starting Tor Browser? Is there any risk of being traced by my anti-virus?
> 2. Must I erase all the metadata inside "event logs" in Windows 8, and use CCleaner after closing Tor Browser?
> 3. We could talk a little bit more about computer forensics.
> Thanks.
>
>
> Marcos (Brazil)
>
>
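
Added example, not part of the original message or of Tor Project code: a check of whether the 'browser.download.manager.scanWhenDone' preference mentioned above is effectively disabled in a browser profile. It assumes the standard Firefox preference files prefs.js and user.js (user.js is applied over prefs.js at startup); the sample file contents are constructed.

```python
import re

PREF = "browser.download.manager.scanWhenDone"
# One user_pref("name", value); line as written in prefs.js / user.js.
PREF_RE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;\s*$')

# Constructed sample file contents (not taken from a real profile).
SAMPLE_PREFS_JS = (
    '// constructed prefs.js\n'
    'user_pref("browser.download.manager.scanWhenDone", true);\n'
    'user_pref("browser.startup.homepage", "about:blank");\n'
)
SAMPLE_USER_JS = 'user_pref("browser.download.manager.scanWhenDone", false);\n'


def parse_prefs(text):
    """Return {name: raw_value} for one preference file; the last assignment wins."""
    prefs = {}
    for line in text.splitlines():
        if line.lstrip().startswith("//"):
            continue  # skip single-line comments
        match = PREF_RE.match(line)
        if match:
            prefs[match.group(1)] = match.group(2)
    return prefs


def audit(prefs_js, user_js=""):
    """Classify the effective setting: 'disabled', 'enabled' or 'unset'."""
    merged = parse_prefs(prefs_js)
    merged.update(parse_prefs(user_js))  # user.js overrides prefs.js
    value = merged.get(PREF)
    if value is None:
        return "unset"  # no explicit value: the browser default applies
    return "disabled" if value == "false" else "enabled"


if __name__ == "__main__":
    print("prefs.js only:     ", audit(SAMPLE_PREFS_JS))
    print("prefs.js + user.js:", audit(SAMPLE_PREFS_JS, SAMPLE_USER_JS))
```

To audit a real profile, pass the text of its prefs.js and, if present, user.js to `audit()`.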


