Delivery-Date: Sat, 20 Dec 2014 11:34:15 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.9 required=5.0 tests=BAYES_00,DKIM_ADSP_ALL,
	DKIM_SIGNED,RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID,URIBL_BLOCKED
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 97CF91E0118;
	Sat, 20 Dec 2014 11:34:13 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 0202F324D1;
	Sat, 20 Dec 2014 16:34:09 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 8AEA0324CF
 for <tor-talk@lists.torproject.org>; Sat, 20 Dec 2014 16:34:05 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 0fQY0J-h6DtV for <tor-talk@lists.torproject.org>;
 Sat, 20 Dec 2014 16:34:05 +0000 (UTC)
Received: from contumacia.investici.org (contumacia.investici.org
 [IPv6:2002:b2ff:9023::1])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "smtp.autistici.org",
 Issuer "Autistici/Inventati Certification Authority" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 5A8FF324CD
 for <tor-talk@lists.torproject.org>; Sat, 20 Dec 2014 16:34:05 +0000 (UTC)
X-Greylist: delayed 1136 seconds by postgrey-1.34 at eugeni;
 Sat, 20 Dec 2014 16:34:05 UTC
Received: from [178.255.144.35] (contumacia [178.255.144.35]) (Authenticated
 sender: griffin@cryptolab.net) by localhost (Postfix) with ESMTPSA id
 DEFCB200E42; Sat, 20 Dec 2014 16:15:05 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cryptolab.net;
 s=stigmate; t=1419092106;
 bh=Dd7Vmb9rbBYMgtz1EUcLiPKG6iVioLB4JiabM1hpPXc=;
 h=Date:From:To:Cc:Subject:In-Reply-To:References;
 b=RVNHLK1NTbiFXmrNozzqOy46AiCqBaV9Bix9f2mr3ibSm3Qa+AOh23zlskSsW+fnR
 094inE1KZHHZXtK/YR6OQNaII+Mzfc4l8DDF4fxIX3pXAamLWoKJysyPv1J+cW85L/
 vmNOkeV2kmd9faZIdYQop3xfPWtU09B8zBZy9Sh8=
MIME-Version: 1.0
Date: Sat, 20 Dec 2014 11:15:05 -0500
From: Griffin Boyce <griffin@cryptolab.net>
To: tor-talk@lists.torproject.org
In-Reply-To: <54959676.4080104@umail.iu.edu>
References: <548EE5A5.5060901@riseup.net> <85sigh3q5w.fsf@boum.org>
 <54959676.4080104@umail.iu.edu>
Message-ID: <71bba27a1cef82058f3c8f5c8e32846d@cryptolab.net>
X-Sender: griffin@cryptolab.net
User-Agent: Roundcube Webmail
Cc: Greg Norcie <gnorcie@umail.iu.edu>
Subject: Re: [tor-talk] Including Adblock to TBB to save bandwith
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Greg Norcie wrote:
> Also, from a less philosophical POV, adding any add-ons increases
> attack surface.

   Yeah.  Aside from all of the other legitimate reasons why to not 
bundle an ad blocker with TBB, this is also a large amount of code (and 
filtering rules) that are maintained by an outside entity.  Which makes 
a pretty decent attack vector.

   And also, if you are a filter/autoblocker/adblock/etc, you're 
deferring to someone else's judgment about what you should be able to 
see or read.  I say that as a user of adblock who is okay with the 
tradeoffs (and I whitelist ads on my favorite ad-supported sites).

   I'd be curious about the pros/cons of bundling in something like 
Privacy Badger, which has a bit of a different approach than things like 
Adblock Plus.  But this still goes back to the obvious "blob of outside 
code" and filtering issues that adblock et al have.  I think the best 
answer goes back to user choice -- users can add these and other 
extensions if they'd like, but Tor's software is designed to help bypass 
filters, so baking in filters feels like a step back.

best,
Griffin

-- 
"The apparent safety of modern life is just a shallow skin atop
an ocean of blood, guts and bricked devices."
~Pearce Delphin

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

