On Sat, Jan 03, 2009 at 05:15:15PM +0100, sigi wrote: > Hi, > > On Sat, Jan 03, 2009 at 05:26:57AM -0500, Ringo Kamens wrote: > > > > 3. One of the common criticisms of NoScript+Tor is that a malicious exit > > node can pretend to be any site it wishes. What about enabling js on > > file:// urls? If I understand them correctly, the browser won't make any > > external requests and then there would be no threat of an attack. > > > > Here on my machine, browsing the web with tor and firefox is not > possible, with addons noscript and torbutton enabled. I had to disable > noscript to use the torbutton first. > > sigi.
As noted at https://www.torproject.org/torbutton/faq.html.en you can use Torbutton instead of NoScript for good anonymity and security with Tor and Firefox.