On Sat, Dec 30, 2000 at 08:21:29PM -0500, Benjamin Coates wrote:
> >Is the only possible anonymity threat something that causes the browser to
> >make a request over a non-freenet protocol like http?  I mean, can we say
> >JavaScript is OK so long as it doesn't trick the browser into making
> >a non-freenet request?
> >
> >If so, you can easily protect yourself just by configuring your browser
> >to use a non-existent proxy for any non-freenet protocol, or use a firewall,
> >or whatever..  right?
> 
> Well, aside from utterly breaking HTTP, that would probably work.  I'm not 
> entirely sure how reliably you can ensure that your browser never tries to 
> make non-proxy connections, though.

But the point is, if you can block all non-freenet protocols, you don't have
to care about JavaScript in the page..   software utilities to switch your
browser between "freenet mode" and "non-freenet mode" are conceivable
(e.g.,  a proxy listening on localhost which either invisibly
forwards requests or blocks them depending on which mode,
or a script that rewrites your browser's proxy settings on the fly).

And of course browsers *could* implement this functionality themselves.

-- 

// Tavin Cole

_______________________________________________
Freenet-dev mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/mailman/listinfo/freenet-dev

Reply via email to