Agreed about the dangers of add-ons and info here https://www.torproject.org/projects/torbrowser/design/ "The Design and Implementation of the Tor Browser [DRAFT]"
not sure if maintaining ghostery or adblock via Tor is worth the trouble as they might/might not improve the user experience but they don't from my standpoint push forward the design and implementation goals. I would say a first consideration might be to address mitm attacks. We have seen major problems with certificate authorities and most governments can write certificates. Tor has a vulnerability with mitm attacks. (everyone does) A migration towards a system like convergence (convergence.io) with a decentralized trust of SSL would probably be a good thing. Currently there are some conflicts between Tor and the convergence add-on working together but if this could be addressed or the process was internalized and if Tor was shipped with a large number of notaries (or approach this in the same way as bridges...not sure on this) then you would have a pretty complete solution. my 2 cents E75A7CF4 On 2/12/2012 10:29 AM, unknown wrote: > On Sun, 12 Feb 2012 17:00:59 +0100 > Martin Hubbard <martin.hubb...@gmx.us> wrote: > >> RefControl set to spoof referrer as host webroot is also useful, I think. >> ----- Original Message ----- >> From: Brian Franklin >> Sent: 02/12/12 09:53 AM >> To: tor-talk@lists.torproject.org >> Subject: [tor-talk] Adblock Plus and Ghostery should be included in Tor >> bundle >> >> Adblock Plus and Ghostery should be included in Tor bundle Two reasons 1. > Exit nodes and sites can make a traffic analysis > based on unique profiles of banned urls. > > Malicious exits nodes even can inject invisible blocked patterns > to make this analysis more active. > > Adblock and other similar user-tunable plugins should be avoided. > > Check https://www.torproject.org/projects/torbrowser/design/ > "The Design and Implementation of the Tor Browser [DRAFT]" > _______________________________________________ > tor-talk mailing list > tor-talk@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk