-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear Tor universe,
A while back I remember that it was suggested that people not use TorButton with NoScript but now it seems to be an acceptable course of action. I give workshops on online privacy with a significant portion of them focusing on Tor and I got a question from somebody that I was unable to answer which went something like this: Does the TorButton "hook dangerous javascript" function still work if you tell noscript to allow scripts on certain pages/sites? It's obviously smartest to keep a no javascript policy unless absolutely necessary, but assuming one *has* to allow it occasionally, are they exposing themselves to that much additional risk? Thanks for any help ya'll can offer, Ringo -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAktC9ZIACgkQETpif9i/sroPUQCeIDeILtp/4UbOkqv+8PFBEEpR rPwAn1ZsDRV/tj96LXjNr7t4boI2xTKK =RTZQ -----END PGP SIGNATURE----- *********************************************************************** To unsubscribe, send an e-mail to [email protected] with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
