BetterPrivacy - necessary?

grarpamp grarpamp at gmail.com
Sat Oct 2 01:58:56 UTC 2010


> I think Polipo was a better cache, and since an HTTP proxy can't filter
>  evil content out of HTTPS responses, Privoxy's filtering was not very
>  useful.

Note though that the definition of evil can be game changed
by running your instance inside a secure sandbox, behind a nat,
and minding your session data appropriately. With no access
to the rest of the system and no crosssite cookie/etc trails,
that's a good win. You're really only left with the case of a rogue
applet doing a 'whatismyip.com' to defeat your use of 1918 space
and then sending the result to whoever your adversary may be.
Depending on what the user is doing, that could be a big weakness
that warrants the tradeoff of disabling 'evil' features.

As usual, it would be awesome to have a tool that could de and re
encapsulate https so that proxies and caches could do their thing with it.
***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/



More information about the tor-talk mailing list