On Mon, Aug 18, 2008 at 02:01:41PM +0200, anonym wrote:
> In addition, Torbutton does all sorts of other stuff with Firefox that
> otherwise could leak information or otherwise weaken anonymity.
Right. This is important to remember -- using Tor without the new
Torbutton can expose you to anonymity
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ringo Kamens wrote:
> Ok, so as long as I don't whitelist anything, those attacks are pretty
> much nullified right?
not true: NoScript has a default whitelist with popular domains like
google.com or yahoo.com
> What specifically gets disabled in Tor
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Marco Bonetti wrote:
> Ringo Kamens wrote:
>> So just to confirm, if I install TorButton, that's all the protection I
>> need and I don't need to worry about NoScript?
> define "protection that you need" :)
> if you "just" want to browse the tor networ
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ringo Kamens wrote:
> So just to confirm, if I install TorButton, that's all the protection I
> need and I don't need to worry about NoScript?
define "protection that you need" :)
if you "just" want to browse the tor network leaving less traces behind
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Scott Bennett wrote:
> On Mon, 18 Aug 2008 14:57:42 +0200 sigi <[EMAIL PROTECTED]> wrote:
>> On Mon, Aug 18, 2008 at 11:17:57AM +0200, Karsten N. wrote:
>>> Ringo Kamens schrieb:
I'm working on a presentation where I teach people how to insta
On Mon, 18 Aug 2008 14:57:42 +0200 sigi <[EMAIL PROTECTED]> wrote:
>On Mon, Aug 18, 2008 at 11:17:57AM +0200, Karsten N. wrote:
>> Ringo Kamens schrieb:
>> > I'm working on a presentation where I teach people how to install Tor. I
>> > have always heard it is best practice to use NoScript and
On Mon, Aug 18, 2008 at 11:17:57AM +0200, Karsten N. wrote:
> Ringo Kamens schrieb:
> > I'm working on a presentation where I teach people how to install Tor. I
> > have always heard it is best practice to use NoScript and TorButton, but
> > TorButton automatically hooks "dangerous javascript". Is
On Mon, August 18, 2008 09:57, Marco Bonetti wrote:
> What do you think? (maybe we should also invite Maone on this topic)
I wrote to Maone about this issue, pointing him to the or-talk archives.
He replied with some interesting ideas, I'll report them here:
1) user actions
The user can enable/di
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 18/08/08 11:17, Karsten N. wrote:
> NoScript blocks other "dangerous content" like Java applets, flash,
> siverlight... too. And it discover cross site scripting. So I prefer
> NoScript and FoxyProxy.
Me too (FoxyProxy pattern matching rules!). I a
Ringo Kamens schrieb:
> I'm working on a presentation where I teach people how to install Tor. I
> have always heard it is best practice to use NoScript and TorButton, but
> TorButton automatically hooks "dangerous javascript". Is there any
> reason to have noscript installed after that?
NoScript
On Mon, August 18, 2008 09:32, anonym wrote:
> So, you should _not_ use them together. That's a shame, though.
This is something I was thinking about for some times now, thanks someone
has bring it back up to my attention :)
I completely agree with anonym: it's a shame. However I prefer having both
For JS, Noscript is the top.
I use Noscript and an old version of Torbutton (1.0.4.01) that perfectly does
the job for what it is for: enable/disabble Tor. Newer versions of Torbutton
made trouble with noscript.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 18/08/08 06:35, Ringo Kamens wrote:
> I have always heard it is best practice to use NoScript and TorButton
I've heard just the opposite. I suggest you read the section on which
Firefox extensions to avoid in the Torbutton FAQ:
https://www.torproj
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I'm working on a presentation where I teach people how to install Tor. I
have always heard it is best practice to use NoScript and TorButton, but
TorButton automatically hooks "dangerous javascript". Is there any
reason to have noscript installed after
14 matches
Mail list logo