[tor-talk] Tor and JavaScript
iwanlegit at cock.li
iwanlegit at cock.li
Mon Dec 10 15:06:12 UTC 2018
1. not serious?
JS leaks my OS name, architecture name, clock setting, fonts, and
more... These are not my IP address even though I don't welcome JS.
2. serious!
If malicious attackers/softwares can get my IP address but can't send it
to their server directly, they may replace my OS name to my IP address
for example, or they may encrypt my IP address and put it in information
what JS can send to the server. Tor can't stop that.
JS can send information what users don't want to send while they don't
know. :(
TBB is a good product. But I doubt TBB (NoScript) enabling JS for some
sites as default.
More information about the tor-talk
mailing list