Hi Folks, I've found an anonymity threat in Freenet which concerns me.
I had gathered that Fproxy screens incoming HTML from Freenet and warns users about any matter which can threaten their privacy. But I inserted a web page into Freenet which uses a '<IMG' tag to pull in the 'hops' graphic from the Freenet site. I loaded this page, and Fproxy was none the wiser. Try it for yourself - freenet:KSK at privacy-threat or http://127.0.0.1:8081/privacy-threat Why it worries me is that it's easy to insert html pages into Freenet that contain 'web bugs' - small 1x1 clear GIF images sourced from a mainstream web server. Loading such Freenet pages via fproxy will result in one's browser automatically sending a hit to an actual web server, which is a total loss of privacy. Unless fproxy is reworked to handle this, the only defence I can think of is to set one's firewall temporarily to block the browser's access to external servers while surfing Freenet. David -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20010402/d2f691fe/attachment.html>
