Delivery-Date: Sun, 12 Apr 2015 02:47:56 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,FREEMAIL_FROM,
	RCVD_IN_DNSWL_MED,T_RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id BF59E1E0DC2
	for <archiver@seul.org>; Sun, 12 Apr 2015 02:47:54 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id CA44033BBF;
	Sun, 12 Apr 2015 06:47:47 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 52E0C32DC3
 for <tor-talk@lists.torproject.org>; Sun, 12 Apr 2015 06:47:44 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id VenouUd6apAz for <tor-talk@lists.torproject.org>;
 Sun, 12 Apr 2015 06:47:44 +0000 (UTC)
Received: from continuum.iocl.org (continuum.iocl.org [217.140.74.2])
 by eugeni.torproject.org (Postfix) with ESMTP id 9874524C0E
 for <tor-talk@lists.torproject.org>; Sun, 12 Apr 2015 06:47:40 +0000 (UTC)
Received: (from krey@localhost)
 by continuum.iocl.org (8.11.3/8.9.3) id t3C6las13226;
 Sun, 12 Apr 2015 08:47:36 +0200
Date: Sun, 12 Apr 2015 08:47:35 +0200
From: Andreas Krey <a.krey@gmx.de>
To: tor-talk@lists.torproject.org
Message-ID: <20150412064735.GA25987@inner.h.apk.li>
References: <54E36CA2.9040504@mykolab.com> <5529BA28.30909@rawbw.com>
Mime-Version: 1.0
Content-Disposition: inline
In-Reply-To: <5529BA28.30909@rawbw.com>
User-Agent: Mutt/1.4.2.1i
X-message-flag: What did you expect to see here?
Cc: libertas@mykolab.com
Subject: Re: [tor-talk] [tor-dev] Porting Tor Browser to the BSDs
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On Sat, 11 Apr 2015 17:19:52 +0000, Yuri wrote:
...
> There is no need to port TBB to BSD. Not worth of the effort. TBB is 
> unable to 100% separate tor and non-tor connections due to the network 
> stack architecture.

I'm not sure whether you're barking up the right tree.

> TBB users are typically recommended to disable 
> JavaScript, to disable Flash,

TBB comes without javascript.

> ... to not use any plugins and addons, etc.

This is (also) about fingerprinting issues. You're not
anonymous when your HTTP headers look different from
anybody else's.

> This doesn't sound like a very secure 
> system. The potential leaks (IP and DNS) are virtually unavoidable with TBB.

TBB is specific browser bundled with (lowercase) tor. The former
has some patches to avoid all kinds of information leakage.

> Security-by-isolation approach provides much better security in general, 
> because it relies on the small and simple code in the core of the 
> network tunnel.

Depending on what browser (or other tools) you use behind the
isolation you may be fully re-cognizable as the same person
(not identifyable) despite coming from random tor exit nodes.

> Whonix https://www.whonix.org is a very good solution available on all 
> BSDs today. For some reason it remains under-appreciated.

Tails also comes to mind.

Andreas

-- 
"Totally trivial. Famous last words."
From: Linus Torvalds <torvalds@*.org>
Date: Fri, 22 Jan 2010 07:29:21 -0800
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

