Silk Road forums
Discussion => Security => Topic started by: TravellingWithoutMoving on August 09, 2013, 08:43 pm
-
Browser Bundle as well so that users can always be aware of major issues.
https://www.torproject.org/download/download-easy.html.en
Tor Browser Bundle (2.3.25-11)
Update Firefox to 17.0.8esr
https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.8
Fixed in Firefox ESR 17.0.8
MFSA 2013-75 Local Java applets may read contents of local file system
MFSA 2013-73 Same-origin bypass with web workers and XMLHttpRequest
MFSA 2013-72 Wrong principal used for validating URI for some Javascript components
MFSA 2013-71 Further Privilege escalation through Mozilla Updater
MFSA 2013-69 CRMF requests allow for code execution and XSS attacks
MFSA 2013-68 Document URI misrepresentation and masquerading
MFSA 2013-66 Buffer overflow in Mozilla Maintenance Service and Mozilla Updater
MFSA 2013-63 Miscellaneous memory safety hazards (rv:23.0 / rv:17.0.8)
Update HTTPS Everywhere to 3.3.1
Update NoScript to 2.6.7
Update LibPNG to 1.6.3
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Tor Browser Bundle (2.4.15-beta-2)
Update Firefox to 17.0.8esr
https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox17.0.8
HTTPS Everywhere to 4.0development.9
Update PDF.js to 0.8.298
Update NoScript to 2.6.6.9
Update LibPNG to 1.6.3
-
and don't forget that once it's installed you need to turn on noscript and any of the other options you had turned off before.. like turning on the don't track me and for more protection turn off js in the options.
-
Better upgrade now my niggers unless you want ol pervert uncle sam nosing through your internets.
-
and don't forget that once it's installed you need to turn on noscript and any of the other options you had turned off before.. like turning on the don't track me and for more protection turn off js in the options.
This is what I've done after a clean install of the updated ToR browser.
Unticked "Enable JavaScript" from the Content tab on Firefox's options.
Ticked "Tell websites I do not want to be tracked" from the Privacy tab in Firefox's options.
Ticked the top 8 boxes on the Embeddings page in NoScript's options (Click the "S" button next to the address bar, choose options)
Am I missing anything?
-
not that I know of, although that doesn't mean that there's not something else that hopefully someone will come along and point out so we both know.
Just as a matter of interest, if you click on the green onion and go to cookie preferences, you'll see all the cookies you've picked up during the browser session. Only two of them are for the forums and one for SR (assuming you've logged into both during the session). They're all deleted when you close the browser but I think it does no harm to get rid of any you've picked up during the session if you've been going to sites other than the forums or SR. I don't know enough about cookies to feel comfortable that any outside of the SR sites are benevolent.
-
I started having trouble with the onion browser in TOR kept getting error messages. Was driving me NUTS. I'm not a computer geek but know enough so I restored my laptop to factory settings, then re-installed the TOR browser and now working like a charm again. For a few days I was fiending for my SR!
-
I started having trouble with the onion browser in TOR kept getting error messages. Was driving me NUTS. I'm not a computer geek but know enough so I restored my laptop to factory settings, then re-installed the new TOR browser and now working like a charm again!
-
All set here. Thanks for posting. Everyone do their updates!
-
and don't forget that once it's installed you need to turn on noscript and any of the other options you had turned off before.. like turning on the don't track me and for more protection turn off js in the options.
This is what I've done after a clean install of the updated ToR browser.
Unticked "Enable JavaScript" from the Content tab on Firefox's options.
Ticked "Tell websites I do not want to be tracked" from the Privacy tab in Firefox's options.
Ticked the top 8 boxes on the Embeddings page in NoScript's options (Click the "S" button next to the address bar, choose options)
Am I missing anything?
Im not incredibly tech savvy. I ticked off the 8 boxes in no script but I cant find the firefox options. How do I get to those options? I looked through the folders in my Tor bundle but couldnt find anything. Simple step by step would be great. I cant even figure out how to launch firefox. Any help is appreciated.
-
on your menu toolbar go to Tools then options. Tor is based on firefox and they've left the firefox options there plus added their own options settings (click on the onion and choose preferences to see them)
-
When I run the new Vidalia, the browser never pops up. I'm on a nix and am running from cmd line.
Can I get away with the old build until they resolve this?
-
do you get the viadalia window and does the browser start when you click the start tor button?
-
when you go into NoScript options..
is it best to check all of the eight listings up top in the "Embeddings" tab..?
thanks.
/thumbs
-
when you go into NoScript options..
is it best to check all of the eight listings up top in the "Embeddings" tab..?
thanks.
/thumbs
I've got them all checked and it doesn't seem to have stopped me doing anything I need to here or on the SR site. If you want to check out other SR sites it might I suppose.. you'll only know when you try.
-
not that I know of, although that doesn't mean that there's not something else that hopefully someone will come along and point out so we both know.
Just as a matter of interest, if you click on the green onion and go to cookie preferences, you'll see all the cookies you've picked up during the browser session. Only two of them are for the forums and one for SR (assuming you've logged into both during the session). They're all deleted when you close the browser but I think it does no harm to get rid of any you've picked up during the session if you've been going to sites other than the forums or SR. I don't know enough about cookies to feel comfortable that any outside of the SR sites are benevolent.
Ok thanks. And yeah I have 3 cookies after browsing SR and these forums, I'm not gonna branch out onto any other sites anymore.