Re: New Bundle Version 1.3.10
On Wed, 27 Oct 2010 10:22:07 + Erinn Clark er...@torproject.org wrote: * M moeedsa...@gmail.com [2010:10:16 18:48 +]:=20 Why the switch to noscript? and link on the issue? Hey there, I am working on writing this up -- I sat down with Mike Perry, the Torbutton developer, and we went over what each of the Firefox extensions added. It's= not in any kind of proper document yet, but here are my notes about the new extensions so you aren't left hanging for too much longer: HTTPS-Everywhere - pre-emptively converts http URLs into https URLs for many popular sites that support https NoScript - majority of options are disabled Erinn, I'm not sure what you meant there. Did you mean that NoScript disables the majority of Firefox options? Or that the majority of NoScript options is disabled in this version of the bundle? - allows users to globally toggle javascript - provide click-to-play placeholders in the event that users want to set to= rbutton to enable plugins FWIW, I'd like to recommend also using QuickJava, which allows toggling of Java and JavaScript individually. In other words, allowing scripts in NoScript allows one still to disable Java while leaving JavaScript enabled if one so desires. If scripts are disabled in NoScript, then clicking on the QuickJava buttons has no effect. I, for one, *never* want Java enabled for anything, but in a very few cases, I do allow JavaScript to run. BetterPrivacy - exists only to delete flash cookies in the event that users allow plugins and run certain flash apps. it cleans up any data that flash might write outside of our control. (backup mechanism.) I'll let you know when I have a fuller analysis available. Okay. You might want to look through all the stuff on the NoScript web pages to get a better understanding of the extensive list of pretty awful leakages and attacks that NoScript can block. Scott Bennett, Comm. ASMELG, CFIAG ** * Internet: bennett at cs.niu.edu * ** * A well regulated and disciplined militia, is at all times a good * * objection to the introduction of that bane of all free governments * * -- a standing army. * *-- Gov. John Hancock, New York Journal, 28 January 1790 * ** *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: New Bundle Version 1.3.10
On 11/2/2010 3:01 AM, Scott Bennett wrote: On Wed, 27 Oct 2010 10:22:07 + Erinn Clarker...@torproject.org wrote: NoScript - majority of options are disabled Erinn, I'm not sure what you meant there. Did you mean that NoScript disables the majority of Firefox options? Or that the majority of NoScript options is disabled in this version of the bundle? Not sure what was meant, but would it make * any * sense to include NoScript then disable most functionality of it? On 11/2/2010 3:01 AM, Scott Bennett wrote: FWIW, I'd like to recommend also using QuickJava, which allows toggling of Java and JavaScript individually. In other words, allowing scripts in NoScript allows one still to disable Java while leaving JavaScript enabled if one so desires. Huh? It's early in AM, but which are you advocating - or both? If scripts are disabled in NoScript, then clicking on the QuickJava buttons has no effect. Others can weigh in on this: In past, I've had conflicts running QuickJava Torbutton. One prob was once toggled Torbutton off, shut down Tor, QuickJava didn't properly toggle plugins unless restarted Firefox - * at minimum. * Been a while, but may have had to uninstall / reinstall QuickJava to restore functions. Plan on trying it again. I, for one, *never* want Java enabled for anything, but in a very few cases, I do allow JavaScript to run. How do you get pages to work correctly - such as clicking links to d/l files, if only allow JS on very few pages? Seems to me, more trusted sites than not require some JS to use the sites. I'm curious, since you said very few, not on trusted sites. Okay. You might want to look through all the stuff on the NoScript web pages to get a better understanding of the extensive list of pretty awful leakages and attacks that NoScript can block. Back to QuickJava NoScript: Aren't they overlapping - possibly conflicts of using both? *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
RIPE bloks some tor-nodes
whois xxx.xx.xxx.x % This is the RIPE Database query service. % The objects are in RPSL format. % % The RIPE Database is subject to Terms and Conditions. % See http://www.ripe.net/db/support/db-terms-conditions.pdf %ERROR:201: access denied for 192.251.226.206 % % Sorry, access from your host has been permanently % denied because of a repeated excessive querying. % Please see http://www.ripe.net/db/err201.html % for more information. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/