Another Method to Block Java Hijinks
norvid
norvid at gmail.com
Fri Apr 6 00:18:47 UTC 2007
On 4/5/07, James Muir <jamuir at scs.carleton.ca> wrote:
> norvid wrote:
> > On 4/5/07, James Muir <jamuir at scs.carleton.ca> wrote:
> >> norvid wrote:
> >
> > <snip>
> >
> >> I've heard that properly configuring a firewall can be tricky. In any
> >> case, using a firewall still doesn't protect from Java applets reading
> >> identifying information locally and sending it back through the
> >> anonymous connection.
> >
> > Actually, I believe that with the browser denied access to the
> > internet, the normal 2-way java applet communication is prevented.
> > Please try the test I mentioned.
>
> In the tests that I have done previously, the Java VM inherits the proxy
> settings listed in the browser (at least this is what is supposed to
> happen; sometimes this does not happen). So if the browser is
> configured to use Privoxy and these setting are communicated correctly
> to the Java VM, what is there to stop a Java applet from sending back
> data through Privoxy?
I don't know the answers to these questions other than to say that I
am not configuring any of the proxy settings in the Java VM. They are
the default.
I have tried to configure Java VM proxy settings with no apparent
success. I have no idea why this does not work.
My test might best be performed on a Windows machine as the
availability of software firewalls is fairly extensive. Alot of these
are easily configurable to block the browser and allow Privoxy access.
Although I don't have much experience with Linux, I'm guessing that
it might be a little more difficult to configure than Windows.
I am certain that on my machine using two different firewalls, the
very specific test I detailed will not determine my real IP even
though Java is enabled. Of course it cannot determine my IP if Java
is disabled also.
>
> -James
>
Dave
More information about the tor-talk
mailing list