[tor-talk] Any risks with another application using Tor's SOCKS 5 interface?
Georg Koppen
georg at getfoxyproxy.org
Sat Dec 7 19:18:26 UTC 2013
Hi,
James Marshall:
> Thanks for the link to TBB's design document-- very useful. I haven't read
> it all, but I'm looking at section 2.2, "Privacy Requirements":
>
> 1) "Cross-Origin Identifier Unlinkability"-- so do sites with CORS or
> Content-Security-Policy: not work through Tor? CGIProxy supports CSP but
> not CORS yet; I could add a flag to disable those two technologies.
they are working. In a privacy-preserving way. See:
https://www.torproject.org/projects/torbrowser/design/#identifier-linkability
for a more in-depth explanation what is meant by this and for the state
of the implementation + what is missing. (You might want to look at
section 4.6 as well as identifiers are not the only issue here.)
Georg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20131207/53b316bf/attachment.sig>
More information about the tor-talk
mailing list