Re: Update (#4) for "user.actions" template

2006-05-24 Thread Anothony Georgeo
Update #4; This update to the user.actions file is the same one I posted as a possible starting point for a offical Tor Privoxy HTTPS configuration at This breaks Tor users into two anonymity sets due to the header "compress" and HTTP vs.

Update (#1) for Privoxy "user.actions" (Was: Re: Privoxy "user.actions" template for HTTP/S (Was: Re: Easy Firefox hacks to improve anonymity...)

2006-05-24 Thread Anothony Georgeo
Update #1; This update is a minor change where the parm: { -prevent-compression } / is chagned to: { +prevent-compression } / This user.actions file is the same one I posted as a possible starting point for a offical Tor Privoxy configuration at

Privoxy "user.actions" template for HTTP/S (Was: Re: Easy Firefox hacks to improve anonymity...)

2006-05-23 Thread Anothony Georgeo
Hi, Here are the relevent Privoxy "user.actions" settings that will make your HTTP and HTTPS heads the same. Copy/paste the following lines into an empty section of your "user.actions" file: Note: The "User_Agent" line should not be wrapped. # This setting blocks "HTTP CONNECT" attempts via.

Update (#3) for "user.actions" template

2006-05-22 Thread Anothony Georgeo
Update #3; After further testing of the paramiters "html-annoyances" and "img-reorder" I think they should be included within the template. - { +filter{html-annoyances} } / { +filter{img-reorder} } / - Update #3 entails the two paramiters mentioned: Note: The "hide-user-agent" line should

Re: "User.Actions" Template

2006-05-22 Thread Anothony Georgeo
ttacks. > The update for the 'user.actions' template allows for an end-user to enter any number of HTTPS URL's that they wish to access through Tor. These HTTPS URL's have priority over the defult blocking of HTTPS traffic. You can access the HTTPS sites you specify but all o

Re: "User.Actions" Template

2006-05-22 Thread Ringo Kamens
I don't think blocking HTTPS is a very good idea (although it has it's benefits). If you connect via https then you make all your tor nodes blind including the exit node which could curb abuse and attacks. On 5/22/06, Anothony Georgeo <[EMAIL PROTECTED]> wrote: --- Ringo Kamens <[EMAIL PROTECTE

Update (#2) for "user.actions" template (Was: Update for 'user.actions' template)

2006-05-22 Thread Anothony Georgeo
ing: - *.eff.org/ - Here is Update #2 for the user.actions template: Note: The "hide-user-agent" line should not be wrapped. # This setting blocks "HTTP CONNECT" attempts via. # HTTPS (eg. SSl). # # This setting prevents Privoxy from forwarding HTTPS # which it c

Re: "User.Actions" Template

2006-05-22 Thread Anothony Georgeo
--- Ringo Kamens <[EMAIL PROTECTED]> wrote: > If you are visiting an HTTPS site, so extensions > like noscript and the firefox settings to disable java > still work? > Yes, they still work. The only thing the update for the template does is allow/block access to HTTPS.

Re: "User.Actions" Template

2006-05-22 Thread Ringo Kamens
If you are visiting an HTTPS site, so extensions like noscript and the firefox settings to disable java still work? On 5/22/06, Anothony Georgeo <[EMAIL PROTECTED]> wrote: --- Fabian Keil <[EMAIL PROTECTED]> wrote: > Anothony Georgeo <[EMAIL PROTECTED]> wrote: > [snip] > How do you convince you

Update for "user.actions" template (Was: Re: "User.Actions" Template )

2006-05-22 Thread Anothony Georgeo
Update; Thanks to a discussion with Fabian Keil I have updated the "user.actions" template to block all ingress/egress HTTPS traffic by default. I also included settings to allow specific HTTPS URL to be accessed. I have updated the "user.actions" file to block all "H

Re: "User.Actions" Template

2006-05-22 Thread Anothony Georgeo
--- Fabian Keil <[EMAIL PROTECTED]> wrote: > Anothony Georgeo <[EMAIL PROTECTED]> wrote: > [snip] > How do you convince your browser not to fetch > additional images and style sheet through HTTPS? > > Not actively visiting untrusted HTTPS sites doesn't > stop anyone from spicing up his pages with

Re: "User.Actions" Template

2006-05-21 Thread Fabian Keil
"Anthony DiPierro" <[EMAIL PROTECTED]> wrote: > On 5/21/06, Fabian Keil <[EMAIL PROTECTED]> wrote: > > Anothony Georgeo <[EMAIL PROTECTED]> wrote: > > > > > I think it is wise to note that Privoxy can not filter > > > HTTPS. Most non-tech end-users do not know this. I > > > do not block HTTPS co

Re: "User.Actions" Template

2006-05-21 Thread Anthony DiPierro
On 5/21/06, Fabian Keil <[EMAIL PROTECTED]> wrote: Anothony Georgeo <[EMAIL PROTECTED]> wrote: > I think it is wise to note that Privoxy can not filter > HTTPS. Most non-tech end-users do not know this. I > do not block HTTPS connections as I think it is > easiser to simply not visit an HTTPS

Re: "User.Actions" Template

2006-05-21 Thread Ringo Kamens
Perhaps the tor site could have a little javascript/web form that would generate a "custom" privoxy config/actions/etc. based on what the user asked for? On 5/21/06, Fabian Keil <[EMAIL PROTECTED]> wrote: Anothony Georgeo <[EMAIL PROTECTED]> wrote: > I think it is wise to note that Privoxy can

Re: "User.Actions" Template

2006-05-21 Thread Fabian Keil
Anothony Georgeo <[EMAIL PROTECTED]> wrote: > I think it is wise to note that Privoxy can not filter > HTTPS. Most non-tech end-users do not know this. I > do not block HTTPS connections as I think it is > easiser to simply not visit an HTTPS url. How do you convince your browser not to fetch a

"User.Actions" Template (Was: Re: Threats to anonymity set at and above the application layer; HTTP headers)

2006-05-21 Thread Anothony Georgeo
Hi Seth, --- Seth David Schoen <[EMAIL PROTECTED]> wrote: [snip] > ... > A remedy for this would be to try to create a > standardized Privoxy configuration and set of browser > headers, and then try to convince as many Tor users > as possible to use that particular configuration. > (One way to