On Thu, Mar 08, 2007 at 05:30:57AM -0500, Roger Dingledine wrote: > Mike and I just whipped up an early version of this here: > > http://tor.eff.org/download.html.en#Warning
I've just added another sentence to the pile of warnings: "Consider removing extensions that look up more information about the websites you type in (like Google toolbar), as they may bypass Tor and/or broadcast sensitive information." I added this because periodically people show up on the IRC channel saying they followed our instructions exactly, but their sniffer still says they're doing DNS resolves. And in many cases we track it down to some esoteric extension that does geolocation for the websites they type in, or lists the IP address that they're hitting, or something like that. I guess that some Tor users have a whole mess of other extensions installed. I have no idea if these users are smart enough to realize potential problems, but probably not all of them are. The last person who had this problem wrote this wiki page for us: http://wiki.noreply.org/noreply/TheOnionRouter/DangerousFirefoxExtensions Have you experienced other extensions that have this behavior? (Perhaps you're running one right now and you didn't realize? ;) Would somebody here like to take charge to organize a list and keep it maintained? Thanks! --Roger
