Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Re: [Full-disclosure] UnAnonymizer
From: Peter Besenbruch (prblava.net)
Date: Tue Jun 27 2006 - 04:29:14 CDT
> If the app uses an unknow DNS server, I think it's enough of a risk to
> worry about.
I refer folks to the following page on TOR:
"Using privoxy is necessary because browsers leak your DNS requests when
they use a SOCKS proxy directly, which is bad for your anonymity."
That means, your DNS server becomes the DNS server used by the TOR exit
node. I have no idea how many DNS servers operate with poisoned caches,
and the like. If I wanted to do some financial transaction, I think
Cardoso is suggesting a direct connection, instead. In earlier
discussions, people argued that an SSL connection offered some
protection, or warning about pharming attacks.
> On Tue, 27 Jun 2006 08:49:13 +0000 (GMT)
> Brate Sanders <brate_sandersyahoo.co.uk> wrote:
> BS> BS> Is there a security issue hidden somewhere in there or is it
just a bug report sent to the wrong mailing list address? :-)
Hawaiian Astronomical Society: http://www.hawastsoc.org
HAS Deepsky Atlas: http://www.hawastsoc.org/deepsky
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/