Re: Torbutton 1.1.8-alpha (Usability improvements)

2007-10-07 Thread Michael_google gmail_Gersten
 The way I see it there are two reasons to use NewNym:

 1) To change one's pseudonym identity (IP address of
 exit node) to a new pseudonym identity.  In this case
 all cookies, cache, etc should be cleared to ensure
 the new pseudonym identity is not correlated to the
 old pseudonym identity.

 2) To try and find a faster circuit when the current
 one is too slow.  When I am surfing and my browsing
 session seems too slow (even for Tor) I may use NewNym
 in the hope the next circuit will be faster (which
 generally seems to be the case).
===
 In either case NewNym (New Identity) should be used
 with care.  I think most non-tech Tor users do not
 fully grasp issues/concerns with NewNym.  It seems
 many Tor users view it as a silver bullet that will
 automatically increase anonymity.

The big issue that I am aware of is that lots of new circuits cause
CPU overhead. Some sites are CPU bound, and are hurt by that.

  Firefox has the problem that if you clear cookies
  from a site, that site is permanently blocked from
  sending cookies.

 Not sure what you mean here.  I clear cookies after
 each time I use yahoo and yahoo is still able to send
 me new cookies.

Really? For me, if I remove a cookie, that site is prohibited from
sending me any cookie after that. Caused me all sorts of problems
until I realized this (I used to clean my cookies out regularly).


Re: Torbutton 1.1.8-alpha (Usability improvements)

2007-10-04 Thread Fabian Keil
jeffery statin [EMAIL PROTECTED] wrote:

 --- Mike Perry [EMAIL PROTECTED] wrote:

  I'm still of the mind it's kind of silly to put it in
  torbutton if it doesn't clear cache+cookies...
 
 I agree.  While on that topic, would it be possible to
 have TorButton clear the cache of Polipo/Privoxy?  I
 know the Polipo cache can be cleared from command line
 but I do not know if this is possible with Privoxy.

It's not. Privoxy isn't a caching proxy
so there's nothing to be cleared.

Fabian




Re: Torbutton 1.1.8-alpha (Usability improvements)

2007-10-03 Thread Mike Perry
Thus spake Michael_google gmail_Gersten ([EMAIL PROTECTED]):

 I think that's the real issue I have with cookies. The idea that a
 cookie can be permanent without my approval. I have no problem with
 login cookies. I have every problem with third party cookies being
 accepted at all (the only place where IE is better than firefox --
 those can be disabled in IE). I hate visitor tracking cookies that
 seem to get stuffed out by every website hoster nowadays.

So what does this mean to you with respect to cookie clearing? Should
a newnym signal always clear cookies? Should it sometimes clear
cookies? Should its behavior be tied to an existing torbutton cookie
preference? I'm still of the mind it's kind of silly to put it in
torbutton if it doesn't clear cache+cookies...
 
 Now, how do httpS: streams get their cookies stolen or modified?

http://seclists.org/bugtraq/2007/Aug/0070.html

Gmail and many other sites are still vulnerable.

-- 
Mike Perry
Mad Computer Scientist
fscked.org evil labs




Re: Torbutton 1.1.8-alpha (Usability improvements)

2007-10-03 Thread jeffery statin

--- Mike Perry [EMAIL PROTECTED] wrote:
 So what does this mean to you with respect to cookie
 clearing? Should a newnym signal always clear 
 cookies? 

Yes, as that is required to achieve a truly new
identity via NewNym (along with clearing cache, etc).
 Maybe put a warning up when TorButton NewNym is used?

 I'm still of the mind it's kind of silly to put it in
 torbutton if it doesn't clear cache+cookies...

I agree.  While on that topic, would it be possible to
have TorButton clear the cache of Polipo/Privoxy?  I
know the Polipo cache can be cleared from command line
but I do not know if this is possible with Privoxy.

Thank you



  





Re: Torbutton 1.1.8-alpha (Usability improvements)

2007-10-03 Thread Michael_google gmail_Gersten
 So what does this mean to you with respect to cookie clearing? Should
 a newnym signal always clear cookies? Should it sometimes clear
 cookies? Should its behavior be tied to an existing torbutton cookie
 preference?

Newnym is a tor-level action to change streams.
Clear cookies is a torbutton-level action to clear out cookies

I think it sounds like you want an action at torbutton that does both.
I personally use vidalia's new identity a lot, a lot more than I
clear cookies.

I think that new user in torbutton should clear any per-session cookie.
I think that it should be possible to specify specific cookies to be
preserved across a new user, as well as others that should be
killed.

Firefox has the problem that if you clear cookies from a site, that
site is permanently blocked from sending cookies. Again, I want to
convert permanent cookies into session cookies, but still keep some
-- at my choice, not at the website's choice -- as permanent.

Got a cookie manager that does that?
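A sketch of the cookie handling this message asks for, combined with the separate Tor and non-Tor cookie jars listed in the 1.1.8 release notes. This is an added example, not Torbutton's or Firefox's code; the `CookieManager`, its policy sets and the cookie records are constructed for illustration.

```javascript
// Added illustration, not Torbutton's or Firefox's code: separate Tor and
// non-Tor cookie jars swapped on toggle, plus a "new identity" policy where the
// user, not the site, decides which cookies stay permanent or get killed.
// Cookie records are constructed here; expires === null means a session cookie.
const ck = (host, name, expires) => ({ host, name, expires });
const key = (c) => `${c.host}|${c.name}`;
class CookieManager {
  constructor(policy) {
    this.policy = policy;                    // { keepPermanent: Set, killOnNewIdentity: Set }
    this.torEnabled = false; this.live = []; // live = cookies the browser currently sends
    this.jars = { tor: [], nonTor: [] };     // cookies parked for the other state
  }
  // Persistent cookies become session cookies unless the user chose to keep them.
  demote(cookies) {
    return cookies.map((c) => (c.expires !== null && !this.policy.keepPermanent.has(key(c))
      ? { ...c, expires: null } : c));
  }
  // Toggle: sync live cookies into the jar for the old state, then load the jar
  // for the new state, so the two identities never share a cookie.
  toggle(toTor) {
    if (toTor === this.torEnabled) return;
    this.jars[this.torEnabled ? 'tor' : 'nonTor'] = this.live;
    this.torEnabled = toTor;
    this.live = this.jars[toTor ? 'tor' : 'nonTor'];
  }
  // New identity (Tor side): demote, then drop session cookies and the kill list.
  newIdentity() {
    if (!this.torEnabled) throw new Error('new identity applies to the Tor jar only');
    this.live = this.demote(this.live).filter(
      (c) => c.expires !== null && !this.policy.killOnNewIdentity.has(key(c)));
  }
  names() { return this.live.map((c) => c.name).sort(); }
}
// Constructed scenario: one non-Tor cookie, then four cookies set while in Tor.
function demoCookies() {
  const m = new CookieManager({
    keepPermanent: new Set(['mail.example.test|login', 'shop.example.test|cart']),
    killOnNewIdentity: new Set(['shop.example.test|cart']),
  });
  m.live = [ck('bank.example.test', 'auth', 1893456000)];
  m.toggle(true);                         // bank cookie parked in the non-Tor jar
  m.live = [ck('mail.example.test', 'login', 1893456000), ck('shop.example.test', 'cart', 1893456000),
            ck('tracker.example.test', 'uid', 1893456000), ck('news.example.test', 'sess', null)];
  const torBefore = m.names();            // ['cart', 'login', 'sess', 'uid']
  m.newIdentity();
  const torAfter = m.names();             // ['login']: the only cookie the user kept
  m.toggle(false);                        // back to the non-Tor jar, untouched
  return { torBefore, torAfter, nonTor: m.names() };
}
```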


Torbutton 1.1.8-alpha (Usability improvements)

2007-10-02 Thread Mike Perry
This is the 1.1.8 alpha release of the Torbutton Firefox extension. It
features significant usability and compatibility enhancements. However,
it is still alpha software, so it may have some rough edges. If you
notice issues or have usability complaints, now is the time to speak up
while things are still easy to change. Please be specific. 

I have made a good effort to anticipate common usability complaints for
this release from the feedback I have so far received, but I am not
omniscient. Eventually, this Torbutton will be backported to the stable
Tor release, so if you do not speak up soon, you will be perpetually
suffering in silence and will be stuck uninstalling the extension every
time you upgrade Tor (and leaving yourself vulnerable to numerous
anonymity-compromising vulnerabilities in the process).

See http://torbutton.torproject.org/dev for more information.

Changes in 1.1.8
  * bugfix: bug 510: Decouple cookie clearing from Clear Private Data settings
  * bugfix: bug 474: Decouple password+form saving from history writing
  * bugfix: bug 460: Rework handling of hooking based on global events+window lookup
  * bugfix: Hooking fixes for pages with nested frames/iframes
  * bugfix: Cookies are now properly synced before storing into a jar
  * misc: Tightened up the alerts a bit more for the javascript hooking
  * misc: Changed defaults to be less intrusive to non-tor usage
  * new: Added options to start in Tor and reload cookies after browser crash
  * new: Added ability to have both Tor and Non-Tor cookie jars

http://torbutton.torproject.org/dev/releases/torbutton-1.1.8-alpha.xpi
MD5: 39ce0dc3f6b20f79042aad2397baafb4

-- 
Mike Perry
Mad Computer Scientist
fscked.org evil labs




Re: Torbutton 1.1.8-alpha (Usability improvements)

2007-10-02 Thread jeffery statin

--- Mike Perry [EMAIL PROTECTED] wrote:

 [snip]
 If you notice issues or have usability complaints, 
 now is the time to speak up while things are still 
 easy to change. Please be specific. 


I do not have issues or complaints but I do have a
question and a possible feature request.

a) Why is JavaScript not disabled by TorButton?  Does
hook dangerous javascript make using JavaScript safe
with Tor?

b) Would it be possible to have TorButton
automatically clear the cache, unprotected Tor
cookies, etc when a NewNym signal is sent (for example
by Vidalia)?

Thank you for your efforts


   




Re: Torbutton 1.1.8-alpha (Usability improvements)

2007-10-02 Thread Mike Perry
Thus spake jeffery statin ([EMAIL PROTECTED]):

 I do not have issues or complaints but I do have a
 question and a possible feature request.
 
 a) Why is JavaScript not disabled by TorButton?  Does
 hook dangerous javascript make using JavaScript safe
 with Tor?

The combination of hook dangerous javascript and isolate dynamic
content make javascript safe, modulo browser exploits. The main
problems with javascript revolve around the ability to get timezone+OS
info, and to install event handlers/timers to load content after you
toggle Tor. These two issues are handled by those options
respectively.

For some Java plugin+OS combos, the Disable Plugins during Tor Usage
option is also required. http://ha.ckers.org/weird/tor.cgi claims that they
are able to get Firefox 2.0 to call java functions from javascript.
When I tested with the Sun JRE 5.0 on Windows, this was only possible
up to and including Firefox 1.5, but not Firefox 2.0.  However it
appears that the new Sun JRE 6.0 has fixed this problem, and again
allows you full access to Java from javascript. Brilliant work,
impressive even for a company that has managed to give the same
product 5 different version numbers at the same time.

Note that allowing plugins is a lot more dangerous than just Java
anyways, so you should not have this setting unchecked for normal
usage unless you have some other type of upstream Tor-only firewall.

 b) Would it be possible to have TorButton
 automatically clear the cache, unprotected Tor
 cookies, etc when a NewNym signal is sent (for example
 by Vidalia)?

This is logistically difficult. The easier route is to add a New Nym
option to torbutton itself, and have it somehow communicate to either
vidalia or the control port directly. Allegedly raw TCP is possible
from privileged Firefox javascript, but it is likely less than pretty.
I will look into it to see if it is technically possible before the
1.2 stable release. 

Usability complications also arise though. If the user says they want
to keep their Tor cookies in a jar (or left alone entirely), should
new nym still clear them? I think so, esp since cookies can be
injected and stolen by exit nodes (even many https ones). But other
people may disagree.  Some people really like cookies. I wouldn't
expect those people to also like Tor, but I'm sure they're out there.


-- 
Mike Perry
Mad Computer Scientist
fscked.org evil labs
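One way to picture the two hooks described in this reply (timezone masking, and timers armed before a Tor toggle that would otherwise fire after it). This is an added example, not Torbutton's own code; `toggleTor`, `torState` and the in-memory timer queue are stand-ins for the extension's toggle and the browser's real timer machinery.

```javascript
// Added illustration, not Torbutton's own code: the two javascript hazards the
// message names (timezone/OS leakage, and timers armed before a Tor toggle that
// fire after it), modelled on a tiny stand-in for the browser's timer queue.
const torState = { enabled: true };
function toggleTor(enabled) { torState.enabled = enabled; }

// Hook 1: while Tor is enabled every Date reports UTC, so page script cannot
// read the user's real timezone offset.
const realOffset = Date.prototype.getTimezoneOffset;
Date.prototype.getTimezoneOffset = function () {
  return torState.enabled ? 0 : realOffset.call(this);
};

// Hook 2: each timer is tagged with the Tor state it was armed under. When it
// comes due it runs only if that state is unchanged; otherwise it is dropped,
// so content armed under one identity is never fetched under the other.
const timerQueue = [];   // stand-in for the browser's setTimeout queue
function hookedSetTimeout(fn, delayMs, now) {
  timerQueue.push({ fn, due: now + delayMs, armedWithTor: torState.enabled });
}
function fireDueTimers(now) {
  const result = { fired: 0, dropped: 0 };
  for (const t of timerQueue.splice(0)) {
    if (t.due > now) { timerQueue.push(t); continue; }          // not due yet
    if (t.armedWithTor !== torState.enabled) { result.dropped++; continue; }
    t.fn(); result.fired++;
  }
  return result;
}

// Constructed scenario: a page arms a delayed load under Tor, the user toggles
// Tor off, and the timer comes due; then the same thing without a toggle.
function demoHooks() {
  let loads = 0;
  toggleTor(true);
  const tzUnderTor = new Date().getTimezoneOffset();   // 0 regardless of locale
  hookedSetTimeout(() => { loads += 1; }, 100, 0);
  toggleTor(false);
  const afterToggle = fireDueTimers(200);              // { fired: 0, dropped: 1 }
  toggleTor(true);
  hookedSetTimeout(() => { loads += 1; }, 100, 200);
  const sameState = fireDueTimers(400);                // { fired: 1, dropped: 0 }
  return { tzUnderTor, loads, afterToggle, sameState };
}
```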




Re: Torbutton 1.1.8-alpha (Usability improvements)

2007-10-02 Thread MB



Could you please also make it compatible with Thunderbird?

Torbutton 1.4 installs (and works) fine with Thunderbird after editing
the config file in the xpi package to allow Thunderbird to install it.

I suppose it should work as well with the new version?

Thanks.




Re: Torbutton 1.1.8-alpha (Usability improvements)

2007-10-02 Thread Mike Perry
Thus spake MB ([EMAIL PROTECTED]):

 Could you please also make it compatible with Thunderbird?
 
 Torbutton 1.4 installs (and works) fine with Thunderbird after editing
 the config file in the xpi package to allow Thunderbird to install it.
 
 I suppose it should work as well with the new version?

Hrmm, unlikely. Most of the stuff the new Torbutton does is very
tightly coupled to Firefox 2.0 behavior and recently created
unfrozen interfaces and events. Even just supporting
Mozilla/Seamonkey properly would probably require a lot of rewriting,
and a lot of luck wrt specific behaviors being the same, or even being
possible.

However, the one good thing we have going for us is that I would think
email clients would be much more careful about running random
code/plugins that are sent to them. If the thunderbird folks are
actually careful about what they allow html email to do, it should be
fine to continue running the standard Torbutton, and we probably
should create a separate stripped down Thunderbutton extension or
something like this specifically for thunderbird (ie something not too
much different than torbutton 1.0.4).

What sort of security does thunderbird employ for html mail by
default? Does it allow html mail to run javascript, post forms to
random websites, run java applets, and/or arbitrary plugins (flash,
quicktime, etc)? If it allows any of these things, 1.0.4 may not be
enough.


-- 
Mike Perry
Mad Computer Scientist
fscked.org evil labs




Re: Torbutton 1.1.8-alpha (Usability improvements)

2007-10-02 Thread MB





Yes a torbutton for thunderbird would definitely be nice to have. So
people won't have to search the web anymore for howtos on how to edit
the xpi's config file to get v1.0.4 to install.

I don't know how thunderbird handles java, as I have never received
flash or form emails. Html email just works, that's all I know.

The advanced settings in my thunderbird show:

javascript.allow.mailnews false
javascript.enabled true

With torbutton enabled, thunderbird will pass everything through tor
(http but also the smtp and pop connections).

Thanks for the time you are spending on this.

