Conversation
Notices
-
Alberto (moshpirit)'s status on Tuesday, 19-Jan-2016 22:13:14 UTC Alberto
If I have a VPN or use TOR, is there any way that the JS, my cookies, history record, bookmarks, etc reveals who am I? if so, in which cases?
!security !privacy-
ニコラス (nicolasmaia)'s status on Tuesday, 19-Jan-2016 22:20:28 UTC ニコラス
@moshpirit I think there are some fingerprinting methods, since Tor browser asks to not maximize the window to avoid that. -
MMN-o ✅⃠ (mmn)'s status on Wednesday, 20-Jan-2016 14:31:07 UTC MMN-o ✅⃠
@moshpirit Unless "Disconnect" (don't know what that is) rejects third party resource requests, you probably want RequestPolicy Continued too (or just the original #RequestPolicy): https://addons.mozilla.org/en-US/firefox/addon/requestpolicy-continued/
I use that, #NoScript, #HTTPSEverywhere and #PrivacyBadger. -
Mike Gerwitz (mikegerwitz)'s status on Thursday, 21-Jan-2016 00:56:02 UTC Mike Gerwitz
@moshpirit https://panopticlick.eff.org/ checks some things.
#JavaScript has been used to exploit #Tor Browser in the past: https://lists.torproject.org/pipermail/tor-announce/2013-August/000089.html
Never use the same browser for personal (non-tor) browsing and private browsing---there are various ways to track you (including session information in cookies, for example). Some general advice on things not to do here:
https://www.whonix.org/wiki/DoNot
Browsing history has been exploited in the past. Modern browsers should protect against it: https://blog.mozilla.org/security/2010/03/31/plugging-the-css-history-leak/
I recommend the same plugins as @mmn: #NoScript, #HTTPSEverywhere, and #PrivacyBadger.@mcscx@quitter.se and Alberto like this. -
Alberto (moshpirit)'s status on Thursday, 21-Jan-2016 19:26:31 UTC Alberto
@mikegerwitz @mmn Thanks for this amazing and complete answer!
-