> > It seems the right thing to do is mimic a browser, and I can think of at > least three ways to do that: > 1. Try really hard, using NSS or some other library, to look like a > particular browser. > 2. Run a second browser, apart from Tor Browser, that receives commands > from a client PT program and makes the HTTPS requests it is > commanded to. > 3. Run a browser plugin *inside* Tor Browser, that makes HTTPS requests > *directly on the Internet, without going through Tor*. That is, the > plugin receives commands from the client PT program, and then > bypasses all of Tor Browser's proxy settings in order to send HTTPS > requests to the web site fronting the circumvention. > > It's the third option I want to ask about. The first option puts us on > the parrot treadmill. The second has the usability and distribution > problems of running two browsers at once.
Usability might not be such an issue if you're using a headless browser. Distribution still would be.
_______________________________________________ tor-dev mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
