On Sun, 18 Dec 2011 21:02:37 -0600 Joe Btfsplk <joebtfs...@gmx.com> wrote: > Even if partly true, this is one reason I don't understand why TBB > has default settings to allow all cookies, seeing as how its main > goal is anonymity. Devs are very concerned about not writing > anything to cache, but not concerned about cookies.
There's a constant set of tradeoffs between usability and privacy. I think we should be erring more on the side of caution. The current design of Torbrowser is here, https://www.torproject.org/projects/torbrowser/design/ 3rd party cookies are not enabled by default. There's also some work on minimal noscript changes that won't break the web for 99% of the users, https://trac.torproject.org/projects/tor/ticket/3461 > Under current US & other nations' laws, it's possible that gov'ts > have already forced developers of any software - incl. Tor - to put > in backdoors. And in fact, say it's illegal for the devs of any > software to outright disclose such. https://www.torproject.org/docs/faq.html.en#Backdoor. If we're forced to put one in someday, we'll make it obvious and loud that it is so. The world will be in a sad state if this comes true. A forced backdoor in Tor will be the least of your problems. > I don't know that it has happened w/ Tor, but it certainly has in > other cases. If you want true anonymity, don't use the internet, I parse this as the 'abstinence model of Internets'. It doesn't work for sex education, addictive substances, and it's unlikely to work for anyone in a modern society. We need a better answer than 'all or nothing'. We're trying to make Tor one of these better answers. -- Andrew http://tpo.is/contact pgp 0x74ED336B _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk