Silk Road forums
Discussion => Security => Topic started by: PlaneMode on May 14, 2012, 05:55 pm
-
So, I am currently not allowing script when I use tor, it says it is recommended.
But, I can't use the smileys >.< I don't mind, I just wanted to know how important this is and what I am being protected against.
-
For smiley faces you'll be fine, but if you allow scripts and accidentally run a Java applet, Flash applet, ActiveX script or Silverlight etc then you run the risk of leaking your IP.
-
For smiley faces you'll be fine, but if you allow scripts and accidentally run a Java applet, Flash applet, ActiveX script or Silverlight etc then you run the risk of leaking your IP.
Ah thanks, is there a way to shut off java while using firefox/ tor? or does turning off the scripts does already?
-
There's an attack vector in browsers known as 'javascript heap spraying'
it allows sites to run malicious code on your machine by exploiting vulnerabilities in a browser's javascript engine
I'm reading a paper now about attacking tor at the application layer (using javascript to ID a client)
-
I tend to block ALL scripts and unblock the things I want to see. Tedious, and I don't do it 100% of the time, but it does mean NO scripts.