Le Thu, 29 Jul 2010 04:13:44 -0400, [email protected] a écrit :
> I experienced errors in Tor with failure messages related to a > destination address. I determined the new version of Noscript was the > cause and reading the article below, I now know why. If you have > witnessed these errors with Noscript 2.0, reply here. Whst is the > remedy to this error? > > I downgraded to an older version to dodge this error, I would like to > keep current. The new feature related to ABE, see below, was causing > the error message in Tor. Tor works with Noscript 2.0, but with error > messages timed to every 5-10 minutes. I don't recommend Noscript 2.0 > for Tor users ATM unless this error may be resolved. > > Noscript 2.0 Released, Firefox Plugin > > http://www.h-online.com/security/news/item/Firefox-plug-in-NoScript-2-0-released-1047176.html > > 28 July 2010, 17:38 > > NoScript (http://noscript.net/) creator Giorgio Maone > (http://maone.net/) has announced > (http://twitter.com/ma1/status/19660159603) the release of version > 2.0 of his open source extension for Mozilla's Firefox browser that > blocks the execution of JavaScript, Java, Flash and other plug-ins or > scripted content. The add-on for Firefox includes a white list > (http://en.wikipedia.org/wiki/Whitelist) to allow scripts from > certain web sites and helps to prevent clickjacking > (http://en.wikipedia.org/wiki/Clickjacking) attacks, which involve a > crafted web site inserting a transparent iFrame underneath the user's > cursor. Victims believe that they are clicking on the displayed web > page, when in fact they are actually clicking on control elements > (e.g. buttons) on a transparent iFrame from another website. > > According to its developer, the latest version of the NoScript add-on > for Firefox is even more reliable, has an updated user interface > synchronisation system that's more efficient than previous versions > and includes several improvements against cross-site scripting (XSS). > Maone is especially proud of the new feature in version 2.0 that > builds on the add-on's Application Boundaries Enforcer (ABE) > (http://noscript.net/abe) module and provides cross-zone CSRF > protection for flawed routers which expose their WAN IP on their LAN > interface, saying that it "saves your router's ass even if it's so > flawed to expose its UI on the LAN with its WAN IP". Other changes > include the addition of an import / export feature, better handling > of mixed permissions pages and improved support for Firefox Mobile, > also known as "Fennec". > > More details about the release can be found in the change log > (http://noscript.net/changelog). NoScript 2.0 is available to > download (http://noscript.net/getit) from the project's site or from > the Add-ons for Firefox > (https://addons.mozilla.org/firefox/addon/722) portal and supports > Firefox 3.0 or later. Users running older versions of Firefox must > use the previous 1.10.x branch of NoScript. NoScript is licensed > under version 2 of the GNU General Public License > (https://addons.mozilla.org/en-US/firefox/versions/license/113776). > > See also: > > * ABE Patrols the Routes to Your Routers, blog post by Maone. > http://hackademix.net/2010/07/28/abe-patrols-the-routes-to-your-routers/ > * 26C3: Protection against Flash security holes, a report from > The H. > http://www.h-online.com/news/item/26C3-Protection-against-Flash-security-holes-893689.html > > "Stay thirsty my friends" > *********************************************************************** > To unsubscribe, send an e-mail to [email protected] with > unsubscribe or-talk in the body. http://archives.seul.org/or/talk/ Hi, I running FF 3.6.8 on Linux 64 and special plugins for Tor included Noscript 2 with the new feature and it run really well, No errors caused and no errors in Tor logs... So maybe your config must be wrong somewhere. Best regards SwissTorExit *********************************************************************** To unsubscribe, send an e-mail to [email protected] with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
