Re: LiveCD For Testing
Hi all, since the tracker Robert used went down, I set up a tracker elsewhere. The torrent Metafile can be accessed at http://yalla.ynfonatic.de/media/TorLiveCD-TestingOnly.iso.torrent The md5sum of the ISO is 0843b24fb08edf6e0ef64f82083e041b and it would be good if Robert could confirm that. I'm currently seeding with two machines, but I'm going to take the second seeder down as soon as other people joined in to save bandwidth; I noticed that a couple of people already completly downloaded the ISO, so there's no need to download it again. Starting your Client in the same directory where the original ISO is stored is enough. Cheers, Alex. -- I am tired of all this sort of thing called science here... We have spent millions in that sort of thing for the last few years, and it is time it should be stopped. -- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901.
Re: Another Method to Block Java Hijinks
norvid wrote: Hello I have another method that may block Java hijinks that can allow a site to determine your real IP. This one allows you to use the normal default browser settings. You do not have to turn off all sorts of scripts. You probably should still block cookies. Use a firewall with settings which block the browser from accessing the internet but allows Privoxy access. Set up your firewall this way. Now to test obviously all you need do is turn the firewall off and on. Go to this page to test: http://stayinvisible.com/cgi-bin/iptest.cgi This page uses a Java applet to reveal your real IP. It will guess mine when the firewall is off but fails to when the firewall is on. Now test your IP without the firewall but while turning off Java. You should see that the test will not reveal your IP. Don't worry about javascript. It has nothing to do with it on this particular page. I'm throwing this out here as potentially another way to protect your privacy while using Tor and depending on the firewall used it may be easier to set up than turning off all sorts of browser functionality. I've heard that properly configuring a firewall can be tricky. In any case, using a firewall still doesn't protect from Java applets reading identifying information locally and sending it back through the anonymous connection. In my opinion, I think its best just to disable Java, and all the other plugins mentioned in the warning on the download page. You may be interested to know that there is a Live CD which bundles Tor and some ipchains rules. It is mentioned in the Tor FAQ -- see Virtual Privacy Machine: http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ -James
Re: Another Method to Block Java Hijinks
On 4/5/07, James Muir [EMAIL PROTECTED] wrote: norvid wrote: snip I've heard that properly configuring a firewall can be tricky. In any case, using a firewall still doesn't protect from Java applets reading identifying information locally and sending it back through the anonymous connection. Actually, I believe that with the browser denied access to the internet, the normal 2-way java applet communication is prevented. Please try the test I mentioned. In my opinion, I think its best just to disable Java, and all the other plugins mentioned in the warning on the download page. I agree. I am throwing my idea out here just for info purposes so that those who know more than I might take it into consideration for whatever it's worth (perhaps not much). You may be interested to know that there is a Live CD which bundles Tor and some ipchains rules. It is mentioned in the Tor FAQ -- see Virtual Privacy Machine: I am perfectly happy for my purposes with the way I have Tor configured. I'd likely give that a try if and when I get a new machine with a new OS. snip Dave
Re: Another Method to Block Java Hijinks
On 4/5/07, James Muir [EMAIL PROTECTED] wrote: norvid wrote: On 4/5/07, James Muir [EMAIL PROTECTED] wrote: norvid wrote: snip I've heard that properly configuring a firewall can be tricky. In any case, using a firewall still doesn't protect from Java applets reading identifying information locally and sending it back through the anonymous connection. Actually, I believe that with the browser denied access to the internet, the normal 2-way java applet communication is prevented. Please try the test I mentioned. In the tests that I have done previously, the Java VM inherits the proxy settings listed in the browser (at least this is what is supposed to happen; sometimes this does not happen). So if the browser is configured to use Privoxy and these setting are communicated correctly to the Java VM, what is there to stop a Java applet from sending back data through Privoxy? I don't know the answers to these questions other than to say that I am not configuring any of the proxy settings in the Java VM. They are the default. I have tried to configure Java VM proxy settings with no apparent success. I have no idea why this does not work. My test might best be performed on a Windows machine as the availability of software firewalls is fairly extensive. Alot of these are easily configurable to block the browser and allow Privoxy access. Although I don't have much experience with Linux, I'm guessing that it might be a little more difficult to configure than Windows. I am certain that on my machine using two different firewalls, the very specific test I detailed will not determine my real IP even though Java is enabled. Of course it cannot determine my IP if Java is disabled also. -James Dave
