Delivery-Date: Tue, 29 Jul 2014 15:57:23 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	FREEMAIL_FROM,RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID autolearn=ham
	version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 7A7711E0AC2
	for <archiver@seul.org>; Tue, 29 Jul 2014 15:57:21 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id E76912FE85;
	Tue, 29 Jul 2014 19:57:16 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id C801A2C2CE
 for <tor-talk@lists.torproject.org>; Tue, 29 Jul 2014 19:50:35 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at eugeni.torproject.org
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id BNPLNDLjgESc for <tor-talk@lists.torproject.org>;
 Tue, 29 Jul 2014 19:50:35 +0000 (UTC)
X-Greylist: delayed 83698 seconds by postgrey-1.34 at eugeni;
 Tue, 29 Jul 2014 19:50:35 UTC
Received: from forward9l.mail.yandex.net (forward9l.mail.yandex.net
 [84.201.143.142])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "forwards.mail.yandex.net",
 Issuer "Certum Level IV CA" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 82B192C230
 for <tor-talk@lists.torproject.org>; Tue, 29 Jul 2014 19:50:35 +0000 (UTC)
Received: from smtp16.mail.yandex.net (smtp16.mail.yandex.net [95.108.252.16])
 by forward9l.mail.yandex.net (Yandex) with ESMTP id A6E7EE6430A
 for <tor-talk@lists.torproject.org>; Tue, 29 Jul 2014 23:50:31 +0400 (MSK)
Received: from smtp16.mail.yandex.net (localhost [127.0.0.1])
 by smtp16.mail.yandex.net (Yandex) with ESMTP id 5B9B06A012A
 for <tor-talk@lists.torproject.org>; Tue, 29 Jul 2014 23:50:31 +0400 (MSK)
Received: from ip174.110.ulttk.ru (ip174.110.ulttk.ru [79.132.110.174])
 by smtp16.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id bu2drmTyVa-oUDeH05S; 
 Tue, 29 Jul 2014 23:50:31 +0400
 (using TLSv1 with cipher AES128-SHA (128/128 bits))
 (Client certificate not present)
X-Yandex-Uniq: d2e525f1-5be9-4ff1-8af2-850f3aae13f5
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail;
 t=1406663431; bh=d5qM2uxZEYXvh+iERwMa05duCXLC9VIvNuGYWvh8WDI=;
 h=Message-ID:Date:From:User-Agent:MIME-Version:To:Subject:
 References:In-Reply-To:Content-Type:Content-Transfer-Encoding;
 b=bK9wBDuguRmtpqJXzLAOvf0FCBr+u3mQUPJh4fOqMVdxmtjkzsOTXUylXYCO49EhS
 h5hSZcOkN8oIJq6Zy0HYuE8UQu8JYbbZUIA71wx9b4BRTHuVyMQi7qVkIt1Ko1ipkX
 9nMInKDL6JKAbKUckfcQ84oBm4nTAgNr9q2zJPAU=
Authentication-Results: smtp16.mail.yandex.net; dkim=pass header.i=@yandex.ru
Message-ID: <53D7FB01.2040602@yandex.ru>
Date: Tue, 29 Jul 2014 23:50:25 +0400
From: Craw <paulus.smirnov@yandex.ru>
User-Agent: Mozilla/5.0 (Windows NT 6.1;
 rv:24.0) Gecko/20100101 Thunderbird/24.5.0
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
References: <53D3F004.6070209@yandex.ru> <53D412F9.4030107@googlemail.com>
 <53D6B3F0.8030706@yandex.ru> <53D6E666.9070108@gmx.com>
In-Reply-To: <53D6E666.9070108@gmx.com>
Subject: Re: [tor-talk] Spoofing a browser profile to prevent fingerprinting
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Real privacy or false feeling of pseudo-privacy?

"It breaks lots of sites" - now it's the only reason why JS is enabled.
We do everything to make Tor easy-to-use for all users... but we give
them only a false feeling of pseudo-privacy. Adequately determine your
aim and the enemy's abilities. Your aim is to be anonymous. Who's your
enemy? Other users, neighbors, provider? No, you want to hide from the
government. So, your enemy controls ALL channels of communication.

Using SOCKS for torrent, Tor Browser or VPN you've bought on your
credit card, I2P on Windows - it's just playing in hide'n'seek: you
are invisible while nobody is looking for you.
TailsOS with virtual machine, where all connections go only through
Tor and I2P, VPN registered for a fake person and bought on Bitcoin...
That's all not something paranoidal - it's just the basic way to stay
anonymous. And make JS enabled by default only because it's
comfortable - well, maybe it's more comfortable to use proxy instead
of tor?


On 29.07.2014 4:10, Joe Btfsplk wrote:
> This is all interesting, but I'm still concerned that the use / non
> use / intermittent use of java script still stares TBB users in the
> face.
> 
> And it seems like the family secret no one wants to discuss. As
> outlined in the TBB FAQ, there are distinct drawbacks - no matter
> how js is approached. Whether it's always allowed, (almost) never
> allowed, or configured per site - all 3 have distinct cons.
> 
> One problem is, there's no "ruling" from Tor devs.  One reason for
> that is disabling it breaks lots of sites.
> 
> But unless the MUCH greater amount of fingerprinting data that's 
> available when JS * IS * enabled is not enough to be concerned
> about (I can't imagine that), then it may not matter how well *
> some *other data are concealed. Plus, unless you go to only a few
> sites that require no JS, you have to turn it on - at least some. 
> But, enabling JS allows sites to get FAR more info & allows
> trackers to compare that fingerprint to other sites you visit
> (unless you change the fingerprint between each site).
> 
> And supposedly leaving JS off (if possible) distinguishes you from
> other TBB users that leave NoScript at the default setting.
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.21 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJT1/sAAAoJEHoSQ4zXvBr4fE8IAKIsZ0K5+IqhLFCP1V/nb26z
WBWWgdywEVTupONa/p63rWULTBqoSnb8yveEnM9K6vnc2hFTrHhPVPQq5umj3XQ/
8d653+T3p1G0JadhoRKrJP+1PBDn0qmGivTxEYXk3RbatT6Swaa+0Y2zzUzcragd
7WKxtChYkgX0YKRLiKhjPxgMJOYBxSuGNrUeyrK9DLrAJQqEuBAhXAGf2LjAr3n5
mbQ6//lNZy8XzYt0XxoRxAZGsQ3xzxMZVzXdbkTCEW6oT41VXJzISdjXcXVUFZ1N
ajWStDJzDfWTxBUR3zrNthGh/ubNXFfOqO7tphb8YZhFgkbjQ5VPo+Re+D6FTGo=
=vNI4
-----END PGP SIGNATURE-----
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

