tor-webwml.git

torbutton/en/index.wml   1) ## translation metadata

torbutton/en/index.wml   2) # Revision: $Revision$
torbutton/en/index.wml   3) # Translation-Priority: 3-low

torbutton/en/index.wml   4) 
torbutton/en/index.wml   5) #include "head.wmi" TITLE="Torbutton - Quickly toggle Firefox's use of the Tor network"
torbutton/en/index.wml   6) 
torbutton/en/index.wml   7) <div class="main-column">
torbutton/en/index.wml   8) 
torbutton/en/index.wml   9) <!-- PUT CONTENT AFTER THIS TAG -->

torbutton/index.wml     10) 
torbutton/index.wml     11) <link rel="search" type="application/opensearchdescription+xml" title="Google Canada" href="search/google-ca.xml">

torbutton/en/index.wml  12) <link rel="search" type="application/opensearchdescription+xml" title="Google UK" href="search/google-uk.xml">

torbutton/index.wml     13) <link rel="search" type="application/opensearchdescription+xml" title="Google USA" href="search/google-us.xml">

torbutton/en/index.wml  14) <script type="text/javascript">

torbutton/index.wml     15) 
torbutton/index.wml     16) function addSearchProvider(prov) {
torbutton/index.wml     17) 
torbutton/index.wml     18) try {
torbutton/index.wml     19) window.external.AddSearchProvider(prov);
torbutton/index.wml     20) }
torbutton/index.wml     21) 
torbutton/index.wml     22) catch (e) {
torbutton/index.wml     23) alert("Search plugins require Firefox 2");
torbutton/index.wml     24) return;
torbutton/index.wml     25) }
torbutton/index.wml     26) }
torbutton/index.wml     27) 
torbutton/index.wml     28) function addEngine(name,ext,cat,pid)
torbutton/index.wml     29) {
torbutton/index.wml     30)   if ((typeof window.sidebar == "object") && (typeof window.sidebar.addSearchEngine == "function")) {
torbutton/index.wml     31)     window.sidebar.addSearchEngine(
torbutton/index.wml     32)       "http://mycroft.mozdev.org/install.php/" + pid + "/" + name + ".src",
torbutton/index.wml     33)       "http://mycroft.mozdev.org/install.php/" + pid + "/" + name + "."+ ext, name, cat );
torbutton/index.wml     34)   } else {
torbutton/index.wml     35)     alert("You will need a browser which supports Sherlock to install this plugin.");
torbutton/index.wml     36)   }
torbutton/index.wml     37) }
torbutton/index.wml     38) 
torbutton/index.wml     39) function addOpenSearch(name,ext,cat,pid,meth)
torbutton/index.wml     40) {
torbutton/index.wml     41)   if ((typeof window.external == "object") && ((typeof window.external.AddSearchProvider == "unknown") || (typeof window.external.AddSearchProvider == "function"))) {
torbutton/index.wml     42)     if ((typeof window.external.AddSearchProvider == "unknown") && meth == "p") {
torbutton/index.wml     43)       alert("This plugin uses POST which is not currently supported by Internet Explorer's implementation of OpenSearch.");
torbutton/index.wml     44)     } else {
torbutton/index.wml     45)       window.external.AddSearchProvider(
torbutton/index.wml     46)         "http://mycroft.mozdev.org/installos.php/" + pid + "/" + name + ".xml");
torbutton/index.wml     47)     }
torbutton/index.wml     48)   } else {
torbutton/index.wml     49)     alert("You will need a browser which supports OpenSearch to install this plugin.");
torbutton/index.wml     50)   }
torbutton/index.wml     51) }
torbutton/index.wml     52) 
torbutton/index.wml     53) function addOpenSearch2(name,ext,cat,pid,meth)
torbutton/index.wml     54) {
torbutton/index.wml     55)   if ((typeof window.external == "object") && ((typeof window.external.AddSearchProvider == "unknown") || (typeof window.external.AddSearchProvider == "function"))) {
torbutton/index.wml     56)     if ((typeof window.external.AddSearchProvider == "unknown") && meth == "p") {
torbutton/index.wml     57)       alert("This plugin uses POST which is not currently supported by Internet Explorer's implementation of OpenSearch.");
torbutton/index.wml     58)     } else {
torbutton/index.wml     59)       window.external.AddSearchProvider(
torbutton/index.wml     60)         "http://torbutton.torproject.org/dev/search/" + name + ".xml");
torbutton/index.wml     61)     }
torbutton/index.wml     62)   } else {
torbutton/index.wml     63)     alert("You will need a browser which supports OpenSearch to install this plugin.");
torbutton/index.wml     64)   }
torbutton/index.wml     65) }
torbutton/index.wml     66) 
torbutton/index.wml     67) function install (aEvent)
torbutton/index.wml     68) {
torbutton/index.wml     69)   var params = {
torbutton/index.wml     70)     "Torbutton": { URL: aEvent.target.href,
torbutton/index.wml     71)              Hash: aEvent.target.getAttribute("hash"),
torbutton/index.wml     72)              toString: function () { return this.URL; }
torbutton/index.wml     73)     }
torbutton/index.wml     74)   };
torbutton/index.wml     75)   InstallTrigger.install(params);
torbutton/index.wml     76) 
torbutton/index.wml     77)   return false;
torbutton/index.wml     78) }
torbutton/index.wml     79) 
torbutton/index.wml     80) 
torbutton/index.wml     81) </script>
torbutton/index.wml     82) 

torbutton/en/index.wml  83) <h2>Torbutton</h2>
torbutton/en/index.wml  84) <hr>
torbutton/en/index.wml  85) 

torbutton/en/index.wml  86) <strong>Current version:</strong><version-torbutton><br/>

torbutton/index.wml     87) <br/>
torbutton/index.wml     88) <strong>Authors:</strong> Scott Squires &amp; Mike Perry<br>
torbutton/index.wml     89) <strong>Email:</strong> squires at freehaven dot net, mikeperry (o) fscked/org<br/>
torbutton/index.wml     90) <br/>
torbutton/index.wml     91) <strong>Install:</strong> 

torbutton/en/index.wml  92) <a href="http://www.torproject.org/torbutton/torbutton-current.xpi"

torbutton/en/index.wml  93)   hash="<version-hash-torbutton>"

torbutton/index.wml     94)   onclick="return install(event);">Local (Javascript verified)</a><br/>

torbutton/en/index.wml  95) <strong>Past Releases:</strong> <a href="releases/">Local</a><br/>

torbutton/index.wml     96) <strong>Developer Documentation:</strong> <a href="design/">Torbutton Design Document</a> and <a href="design/MozillaBrownBag.pdf">Slides (Not actively updated)</a><br/>
torbutton/index.wml     97) <strong>Extras:</strong> 
torbutton/index.wml     98) 
torbutton/index.wml     99) Google search plugins for
torbutton/index.wml    100) 
torbutton/index.wml    101) <a href="/jsreq.html" title="Ref: 14938 (googleCA)"
torbutton/index.wml    102)  onClick="addOpenSearch('GoogleCanada','ico','General','14937','g');return false">Google CA</a>, and 
torbutton/index.wml    103) 
torbutton/index.wml    104) <a href="/jsreq.html" title="Ref: 14938 (googleCA)"
torbutton/index.wml    105)  onClick="addOpenSearch('googleuk_web','png','General','14445','g');return false">Google UK</a>.
torbutton/index.wml    106) <br/>
torbutton/index.wml    107) <!--
torbutton/index.wml    108) <strong>Install:</strong> <a href="torbutton-1.0.4.xpi">torbutton-1.0.4.xpi</a><br/>
torbutton/index.wml    109) -->

torbutton/en/index.wml 110) <strong>Source:</strong> You can <a
torbutton/en/index.wml 111) href="https://svn.torproject.org/svn/torbutton/trunk/">browse the
torbutton/en/index.wml 112) repository</a> or simply unzip the xpi.

torbutton/index.wml    113) <br/>

torbutton/en/index.wml 114) <strong>Bug Reports:</strong> <a href="https://bugs.torproject.org/flyspray/index.php?tasks=all&amp;project=5">Torproject flyspray</a><br/>

torbutton/en/index.wml 115) <strong>Documents:</strong> <b>[</b> <a href="#FAQ">FAQ</a> <b>|</b>
torbutton/en/index.wml 116) <a href="https://svn.torproject.org/svn/torbutton/trunk/src/CHANGELOG">changelog</a> <b>|</b>
torbutton/en/index.wml 117) <a href="https://svn.torproject.org/svn/torbutton/trunk/src/LICENCE">license</a> <b>|</b>
torbutton/en/index.wml 118) <a href="https://svn.torproject.org/svn/torbutton/trunk/src/CREDITS">credits</a> <b>]</b><br/>

torbutton/index.wml    119) <h2>About</h2>
torbutton/index.wml    120) <p>

torbutton/en/index.wml 121) Torbutton is a 1-click way for Firefox users to enable or disable
torbutton/en/index.wml 122) the browser's use of <a href="<page index>">Tor</a>.
torbutton/en/index.wml 123) It adds a panel to the statusbar that says "Tor Enabled" (in green) or
torbutton/en/index.wml 124) "Tor Disabled" (in red).  The user may click on the panel to toggle
torbutton/en/index.wml 125) the status.  If the user (or some other extension) changes the proxy
torbutton/en/index.wml 126) settings, the change is automatically reflected in the statusbar.

torbutton/index.wml    127) </p><p>

torbutton/en/index.wml 128) Some users may prefer a toolbar button instead of a statusbar panel.  Such
torbutton/en/index.wml 129) a button is included, and one adds it to the toolbar by right-clicking
torbutton/en/index.wml 130) on the desired toolbar, selecting "Customize...", and then dragging the
torbutton/en/index.wml 131) Torbutton icon onto the toolbar.  There is an option in the preferences
torbutton/en/index.wml 132) to hide the statusbar panel (Tools->Extensions, select Torbutton,
torbutton/en/index.wml 133) and click on Preferences).

torbutton/index.wml    134) </p>
torbutton/index.wml    135) <p>

torbutton/en/index.wml 136) Newer Firefoxes have the ability to send DNS resolves through the socks
torbutton/en/index.wml 137) proxy, and Torbutton will make use of this feature if it is available
torbutton/en/index.wml 138) in your version of Firefox.

torbutton/index.wml    139) </p>
torbutton/index.wml    140) 
torbutton/index.wml    141) <a id="FAQ"></a><h2>FAQ</h2>
torbutton/index.wml    142) 
torbutton/index.wml    143) <strong>I can't click on links or hit reload after I toggle Tor! Why?</strong>
torbutton/index.wml    144) <p>
torbutton/index.wml    145) 
torbutton/index.wml    146) Due to <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=409737">Firefox
torbutton/index.wml    147) Bug 409737</a>, pages can still open popups and perform Javascript redirects
torbutton/index.wml    148) and history access after Tor has been toggled. These popups and redirects can
torbutton/index.wml    149) be blocked, but unfortunately they are indistinguishable from normal user
torbutton/index.wml    150) interactions with the page (such as clicking on links, opening them in new
torbutton/index.wml    151) tabs/windows, or using the history buttons), and so those are blocked as a
torbutton/index.wml    152) side effect. Once that Firefox bug is fixed, this degree of isolation will
torbutton/index.wml    153) become optional (for people who do not want to accidentally click on links and
torbutton/index.wml    154) give away information via referrers). A workaround is to right click on the
torbutton/index.wml    155) link, and open it in a new tab or window. The tab or window won't load
torbutton/index.wml    156) automatically, but you can hit enter in the URL bar, and it will begin
torbutton/index.wml    157) loading. Hitting enter in the URL bar will also reload the page without
torbutton/index.wml    158) clicking the reload button.
torbutton/index.wml    159) 
torbutton/index.wml    160) </p>
torbutton/index.wml    161) 
torbutton/index.wml    162) <strong>My browser is in some weird state where nothing works right!</strong>
torbutton/index.wml    163) <p>
torbutton/index.wml    164) 
torbutton/index.wml    165) Try to disable Tor by clicking on the button, and then open a new window. If
torbutton/index.wml    166) that doesn't fix the issue, go to the preferences page and hit 'Restore
torbutton/index.wml    167) Defaults'. This should reset the extension and Firefox to a known good
torbutton/index.wml    168) configuration.  If you can manage to reproduce whatever issue gets your
torbutton/index.wml    169) Firefox wedged, please file details at <a

torbutton/en/index.wml 170) href="https://bugs.torproject.org/flyspray/index.php?tasks=all&project=5">the

torbutton/index.wml    171) bug tracker</a>.
torbutton/index.wml    172) 
torbutton/index.wml    173) </p>
torbutton/index.wml    174) 
torbutton/index.wml    175) <strong>When I toggle Tor, my sites that use javascript stop working. Why?</strong>
torbutton/index.wml    176) <p>
torbutton/index.wml    177) 
torbutton/index.wml    178) Javascript can do things like wait until you have disabled Tor before trying
torbutton/index.wml    179) to contact its source site, thus revealing your IP address. As such, Torbutton
torbutton/index.wml    180) must disable Javascript, Meta-Refresh tags, and certain CSS behavior when Tor
torbutton/index.wml    181) state changes from the state that was used to load a given page. These features 
torbutton/index.wml    182) are re-enabled when Torbutton goes back into the state that was used to load
torbutton/index.wml    183) the page, but in some cases (particularly with Javascript and CSS) it is
torbutton/index.wml    184) sometimes not possible to fully recover from the resulting errors, and the
torbutton/index.wml    185) page is broken. Unfortunately, the only thing you can do (and still remain
torbutton/index.wml    186) safe from having your IP address leak) is to reload the page when you toggle
torbutton/index.wml    187) Tor, or just ensure you do all your work in a page before switching tor state.
torbutton/index.wml    188) 
torbutton/index.wml    189) </p>
torbutton/index.wml    190) 
torbutton/index.wml    191) 
torbutton/index.wml    192) <strong>When I use Tor, Firefox is no longer filling in logins/search boxes
torbutton/index.wml    193) for me. Why?</strong>
torbutton/index.wml    194) <p>
torbutton/index.wml    195) 
torbutton/index.wml    196) Currently, this is tied to the "<b>Block history writes during Tor</b>"
torbutton/index.wml    197) setting. If you have enabled that setting, all formfill functionality (both
torbutton/index.wml    198) saving and reading) is disabled. If this bothers you, you can uncheck that
torbutton/index.wml    199) option, but both history and forms will be saved. To prevent history
torbutton/index.wml    200) disclosure attacks via Non-Tor usage, it is recommended you disable Non-Tor
torbutton/index.wml    201) history reads if you allow history writing during Tor.
torbutton/index.wml    202) 
torbutton/index.wml    203) </p>
torbutton/index.wml    204) 
torbutton/index.wml    205) 
torbutton/index.wml    206) <strong>Which Firefox extensions should I avoid using?</strong>
torbutton/index.wml    207) <p>
torbutton/index.wml    208) 
torbutton/index.wml    209) This is a tough one. There are thousands of Firefox extensions: making a
torbutton/index.wml    210) complete list of ones that are bad for anonymity is near impossible. However,
torbutton/index.wml    211) here are a few examples that should get you started as to what sorts of
torbutton/index.wml    212) behavior are dangerous.
torbutton/index.wml    213) 
torbutton/index.wml    214) <ol>
torbutton/index.wml    215)  <li>StumbleUpon, et al</li>
torbutton/index.wml    216)  These extensions will send all sorts of information about the websites you
torbutton/index.wml    217)  visit to the stumbleupon servers, and correlate this information with a
torbutton/index.wml    218)  unique identifier. This is obviously terrible for your anonymity.
torbutton/index.wml    219)  More generally, any sort of extension that requires registration, or even
torbutton/index.wml    220)  extensions that provide information about websites you visit should be
torbutton/index.wml    221)  suspect.
torbutton/index.wml    222) 
torbutton/index.wml    223)  <li>FoxyProxy</li>
torbutton/index.wml    224) 
torbutton/index.wml    225) While FoxyProxy is a nice idea in theory, in practice it is impossible to
torbutton/index.wml    226) configure securely for Tor usage without Torbutton. Like all vanilla third
torbutton/index.wml    227) party proxy plugins, the main risks are <a
torbutton/index.wml    228) href="http://www.metasploit.com/research/projects/decloak/">plugin leakage</a>
torbutton/index.wml    229) and <a href="http://ha.ckers.org/weird/CSS-history.cgi">history
torbutton/index.wml    230) disclosure</a>, followed closely by cookie theft by exit nodes and tracking by
torbutton/index.wml    231) adservers (see the <a href="design/index.html#adversary">Torbutton Adversary
torbutton/index.wml    232) Model</a> for more information). However, even with Torbutton installed in
torbutton/index.wml    233) tandem and always enabled, it is still very difficult (though not impossible)
torbutton/index.wml    234) to configure FoxyProxy securely. Since FoxyProxy's 'Patterns' mode only
torbutton/index.wml    235) applies to specific urls, and not to an entire tab, setting FoxyProxy to only
torbutton/index.wml    236) send specific sites through Tor will still allow adservers to still learn your
torbutton/index.wml    237) real IP. Worse, if those sites use offsite logging services such as Google
torbutton/index.wml    238) Analytics, you may still end up in their logs with your real IP. Malicious
torbutton/index.wml    239) exit nodes can also cooperate with sites to inject images into pages that
torbutton/index.wml    240) bypass your filters. Setting FoxyProxy to only send certain URLs via Non-Tor
torbutton/index.wml    241) is much more viable, but be very careful with the filters you allow. For
torbutton/index.wml    242) example, something as simple as allowing *google* to go via Non-Tor will still
torbutton/index.wml    243) cause you to end up in all the logs of all websites that use Google Analytics!
torbutton/index.wml    244) See <a href="http://foxyproxy.mozdev.org/faq.html#privacy-01">this
torbutton/index.wml    245) question</a> on the FoxyProxy FAQ for more information.
torbutton/index.wml    246) 
torbutton/index.wml    247)  <li>NoScript</li>
torbutton/index.wml    248)  Torbutton currently mitigates all known anonymity issues with Javascript.
torbutton/index.wml    249)  While it may be tempting to get better security by disabling Javascript for
torbutton/index.wml    250)  certain sites, you are far better off with an all-or-nothing approach.
torbutton/index.wml    251)  NoScript is exceedingly complicated, and has many subtleties that can surprise
torbutton/index.wml    252)  even advanced users. For example, addons.mozilla.org verifies extension
torbutton/index.wml    253)  integrity via Javascript over https, but downloads them in the clear. Not 
torbutton/index.wml    254)  adding it to your whitelist effectively
torbutton/index.wml    255)  means you are pulling down unverified extensions. Worse still, using NoScript
torbutton/index.wml    256)  can actually disable protections that Torbutton itself provides via
torbutton/index.wml    257)  Javascript, yet still allow malicious exit nodes to compromise your
torbutton/index.wml    258)  anonymity via the default whitelist (which they can spoof to inject any script  they want). 
torbutton/index.wml    259) 
torbutton/index.wml    260) </ol>
torbutton/index.wml    261) 
torbutton/index.wml    262) </p>
torbutton/index.wml    263) 
torbutton/index.wml    264) <strong>Which Firefox extensions do you recommend?</strong>
torbutton/index.wml    265) <p>
torbutton/index.wml    266) <ol>

torbutton/en/index.wml 267)  <li><a href="https://addons.mozilla.org/firefox/addon/953">RefControl</a></li>

torbutton/index.wml    268)  Mentioned above, this extension allows more fine-grained referrer spoofing
torbutton/index.wml    269) than Torbutton currently provides. It should break less sites than Torbutton's
torbutton/index.wml    270) referrer spoofing option.

torbutton/en/index.wml 271)  <li><a href="https://addons.mozilla.org/firefox/addon/1474">SafeCache</a></li>

torbutton/index.wml    272)  If you use Tor excessively, and rarely disable it, you probably want to
torbutton/index.wml    273) install this extension to minimize the ability of sites to store long term
torbutton/index.wml    274) identifiers in your cache. This extension applies same origin policy to the
torbutton/index.wml    275) cache, so that elements are retrieved from the cache only if they are fetched
torbutton/index.wml    276) from a document in the same origin domain as the cached element. 
torbutton/index.wml    277) </ol>
torbutton/index.wml    278) 
torbutton/index.wml    279) </p>
torbutton/index.wml    280) 
torbutton/index.wml    281) <strong>Are there any other issues I should be concerned about?</strong>
torbutton/index.wml    282) <p>
torbutton/index.wml    283) 
torbutton/index.wml    284) There is currently one known unfixed security issue with Torbutton: it is
torbutton/index.wml    285) possible to unmask the javascript hooks that wrap the Date object to conceal
torbutton/index.wml    286) your timezone in Firefox 2, and the timezone masking code does not work at all
torbutton/index.wml    287) on Firefox 3. We are working with the Firefox team to fix one of <a
torbutton/index.wml    288) href="https://bugzilla.mozilla.org/show_bug.cgi?id=392274">Bug 399274</a> or
torbutton/index.wml    289) <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=419598">Bug 419598</a>
torbutton/index.wml    290) to address this. In the meantime, it is possible to set the <b>TZ</b>
torbutton/index.wml    291) environment variable to <b>UTC</b> to cause the browser to use UTC as your
torbutton/index.wml    292) timezone. Under Linux, you can add an <b>export TZ=UTC</b> to the
torbutton/index.wml    293) /usr/bin/firefox script, or edit your system bashrc to do the same. Under
torbutton/index.wml    294) Windows, you can set either a <a
torbutton/index.wml    295) href="http://support.microsoft.com/kb/310519">User or System Environment
torbutton/index.wml    296) Variable</a> for TZ via My Computer's properties. In MacOS, the situation is
torbutton/index.wml    297) <a
torbutton/index.wml    298) href="http://developer.apple.com/documentation/MacOSX/Conceptual/BPRuntimeConfig/Articles/EnvironmentVars.html#//apple_ref/doc/uid/20002093-BCIJIJBH">a
torbutton/index.wml    299) lot more complicated</a>, unfortunately.
torbutton/index.wml    300) 
torbutton/index.wml    301) </p>
torbutton/index.wml    302) 
torbutton/index.wml    303) <p>
torbutton/index.wml    304) 
torbutton/index.wml    305) In addition, RSS readers such as Firefox Livemarks can perform
torbutton/index.wml    306) periodic fetches. Due to <a
torbutton/index.wml    307) href="https://bugzilla.mozilla.org/show_bug.cgi?id=436250">Firefox Bug
torbutton/index.wml    308) 436250</a>, there is no way to disable Livemark fetches during Tor. This can
torbutton/index.wml    309) be a problem if you have a lot of custom Livemark urls that can give away
torbutton/index.wml    310) information about your identity.
torbutton/index.wml    311) 
torbutton/index.wml    312) </p>
torbutton/index.wml    313) 
torbutton/index.wml    314) <h2>Description of Options</h2>
torbutton/index.wml    315) 
torbutton/index.wml    316) <p>The development branch of Torbutton adds several new security features to
torbutton/index.wml    317) protect your anonymity from all the major threats the author is aware of. The
torbutton/index.wml    318) defaults should be fine for most people, but in case you are the tweaker type,
torbutton/index.wml    319) or if you prefer to try to outsource some options to more flexible extensions,
torbutton/index.wml    320) here is the complete list. (In an ideal world, these descriptions should all be
torbutton/index.wml    321) tooltips in the extension itself, but Firefox bugs <a
torbutton/index.wml    322) href="https://bugzilla.mozilla.org/show_bug.cgi?id=45375">45375</a> and <a
torbutton/index.wml    323) href="https://bugzilla.mozilla.org/show_bug.cgi?id=218223">218223</a> currently
torbutton/index.wml    324) prevent this).</p>
torbutton/index.wml    325) 
torbutton/index.wml    326) <ul>
torbutton/index.wml    327)  <li>Disable plugins on Tor Usage (crucial)</li>
torbutton/index.wml    328) 
torbutton/index.wml    329)   This option is key to Tor security. Plugins perform their own networking
torbutton/index.wml    330) independent of the browser, and many plugins only partially obey even their own
torbutton/index.wml    331) proxy settings.
torbutton/index.wml    332) 
torbutton/index.wml    333)   <li>Isolate Dynamic Content to Tor State (crucial)</li>
torbutton/index.wml    334) 
torbutton/index.wml    335)   Another crucial option, this setting causes the plugin to disable Javascript
torbutton/index.wml    336)   on tabs that are loaded during a Tor state different than the current one,
torbutton/index.wml    337)   to prevent delayed fetches of injected URLs that contain unique identifiers,
torbutton/index.wml    338)   and to prevent meta-refresh tags from revealing your IP when you turn off
torbutton/index.wml    339)   Tor. It also prevents all fetches from tabs loaded with an opposite Tor
torbutton/index.wml    340)   state. This serves to block non-Javascript dynamic content such as CSS
torbutton/index.wml    341)   popups from revealing your IP address if you disable Tor.
torbutton/index.wml    342) 
torbutton/index.wml    343)   <li>Hook Dangerous Javascript (crucial)</li>
torbutton/index.wml    344) 
torbutton/index.wml    345) This setting enables the Javascript hooking code. Javascript is injected into
torbutton/index.wml    346) pages to hook the Date object to mask your timezone, and to hook the navigator
torbutton/index.wml    347) object to mask OS and user agent properties not handled by the standard
torbutton/index.wml    348) Firefox user agent override settings.
torbutton/index.wml    349) 
torbutton/index.wml    350)   <li>Resize window dimensions to multiples of 50px on toggle (recommended)</li>
torbutton/index.wml    351) 
torbutton/index.wml    352) To cut down on the amount of state available to fingerprint users uniquely, 
torbutton/index.wml    353) this pref causes windows to be resized to a multiple of 50 pixels on each
torbutton/index.wml    354) side when Tor is enabled and pages are loaded.
torbutton/index.wml    355) 
torbutton/index.wml    356)   <li>Disable Updates During Tor (recommended)</li>
torbutton/index.wml    357) 
torbutton/index.wml    358) Under Firefox 2, many extension authors did not update their extensions from 
torbutton/index.wml    359) SSL-enabled websites. It is possible for malicious Tor nodes to hijack these extensions and replace them with malicious ones, or add malicious code to 
torbutton/index.wml    360) existing extensions. Since Firefox 3 now enforces encrypted and/or
torbutton/index.wml    361) authenticated updates, this setting is no longer as important as it once
torbutton/index.wml    362) was (though updates do leak information about which extensions you have, it is
torbutton/index.wml    363) fairly infrequent).
torbutton/index.wml    364) 
torbutton/index.wml    365)   <li>Disable Search Suggestions during Tor (optional)</li>
torbutton/index.wml    366) 
torbutton/index.wml    367) This optional setting governs if you get Google search suggestions during Tor
torbutton/index.wml    368) usage. Since no cookie is transmitted during search suggestions, this is a
torbutton/index.wml    369) relatively benign behavior.
torbutton/index.wml    370) 
torbutton/index.wml    371)   <li>Block Tor/Non-Tor access to network from file:// urls (recommended)</li>
torbutton/index.wml    372) 
torbutton/index.wml    373) These settings prevent local html documents from transmitting local files to
torbutton/index.wml    374) arbitrary websites <a href="http://www.gnucitizen.org/blog/content-disposition-hacking/">under Firefox 2</a>. Since exit nodes can insert headers that
torbutton/index.wml    375) force the browser to save arbitrary pages locally (and also inject script into
torbutton/index.wml    376) arbitrary html files you save to disk via Tor), it is probably a good idea to
torbutton/index.wml    377) leave this setting on.
torbutton/index.wml    378) 
torbutton/index.wml    379)   <li>Close all Non-Tor/Tor windows and tabs on toggle (optional)</li>
torbutton/index.wml    380) 
torbutton/index.wml    381) These two settings allow you to obtain a greater degree of assurance that
torbutton/index.wml    382) after you toggle out of Tor, the pages are really gone and can't perform any
torbutton/index.wml    383) extra network activity. Currently, there is no known way that pages can still
torbutton/index.wml    384) perform activity after toggle, but these options exist as a backup measure
torbutton/index.wml    385) just in case a flaw is discovered. They can also serve as a handy 'Boss
torbutton/index.wml    386) Button' feature for clearing all Tor browsing off your screen in a hurry.
torbutton/index.wml    387) 
torbutton/index.wml    388)   <li>Isolate access to history navigation to Tor state (crucial)</li>
torbutton/index.wml    389) 
torbutton/index.wml    390) This setting prevents both Javascript and accidental user clicks from causing
torbutton/index.wml    391) the session history to load pages that were fetched in a different Tor state
torbutton/index.wml    392) than the current one. Since this can be used to correlate Tor and Non-Tor
torbutton/index.wml    393) activity and thus determine your IP address, it is marked as a crucial 
torbutton/index.wml    394) setting.
torbutton/index.wml    395) 
torbutton/index.wml    396)   <li>Block History Reads during Tor (crucial)</li>
torbutton/index.wml    397) 
torbutton/index.wml    398)   Based on code contributed by <a href="http://www.collinjackson.com/">Collin
torbutton/index.wml    399)   Jackson</a>, when enabled and Tor is enabled, this setting prevents the
torbutton/index.wml    400) rendering engine from knowing if certain links were visited.  This mechanism
torbutton/index.wml    401) defeats all document-based history disclosure attacks, including CSS-only
torbutton/index.wml    402) attacks.
torbutton/index.wml    403) 
torbutton/index.wml    404)   <li>Block History Reads during Non-Tor (recommended)</li>
torbutton/index.wml    405) 
torbutton/index.wml    406)   This setting accomplishes the same but for your Non-Tor activity.
torbutton/index.wml    407) 
torbutton/index.wml    408)   <li>Block History Writes during Tor (recommended)</li>
torbutton/index.wml    409) 
torbutton/index.wml    410)   This setting prevents the rendering engine from recording visited URLs, and
torbutton/index.wml    411) also disables download manager history. Note that if you allow writing of Tor history,
torbutton/index.wml    412) it is recommended that you disable non-Tor history reads, since malicious
torbutton/index.wml    413) websites you visit without Tor can query your history for .onion sites and
torbutton/index.wml    414) other history recorded during Tor usage (such as Google queries).
torbutton/index.wml    415) 
torbutton/index.wml    416)   <li>Block History Writes during Non-Tor (optional)</li>
torbutton/index.wml    417) 
torbutton/index.wml    418) This setting also disables recording any history information during Non-Tor
torbutton/index.wml    419) usage.
torbutton/index.wml    420) 
torbutton/index.wml    421) <li>Clear History During Tor Toggle (optional)</li>
torbutton/index.wml    422) 
torbutton/index.wml    423)   This is an alternate setting to use instead of (or in addition to) blocking
torbutton/index.wml    424) history reads or writes.
torbutton/index.wml    425) 
torbutton/index.wml    426)   <li>Block Password+Form saving during Tor/Non-Tor</li>
torbutton/index.wml    427) 
torbutton/index.wml    428)   These options govern if the browser writes your passwords and search
torbutton/index.wml    429)   submissions to disk for the given state.
torbutton/index.wml    430) 
torbutton/index.wml    431)   <li>Block Tor disk cache and clear all cache on Tor Toggle</li>
torbutton/index.wml    432) 
torbutton/index.wml    433)   Since the browser cache can be leveraged to store unique identifiers, cache
torbutton/index.wml    434) must not persist across Tor sessions. This option keeps the memory cache active
torbutton/index.wml    435) during Tor usage for performance, but blocks disk access for caching.
torbutton/index.wml    436) 
torbutton/index.wml    437)   <li>Block disk and memory cache during Tor</li>
torbutton/index.wml    438) 
torbutton/index.wml    439)   This setting entirely blocks the cache during Tor, but preserves it for
torbutton/index.wml    440) Non-Tor usage.
torbutton/index.wml    441) 
torbutton/index.wml    442)   <li>Clear Cookies on Tor Toggle</li>
torbutton/index.wml    443) 
torbutton/index.wml    444)   Fully clears all cookies on Tor toggle.
torbutton/index.wml    445)   
torbutton/index.wml    446)   <li>Store Non-Tor cookies in a protected jar</li>
torbutton/index.wml    447) 
torbutton/index.wml    448)   This option stores your persistent Non-Tor cookies in a special cookie jar
torbutton/index.wml    449)   file, in case you wish to preserve some cookies. Based on code contributed
torbutton/index.wml    450)   by <a href="http://www.collinjackson.com/">Collin Jackson</a>. It is
torbutton/index.wml    451)   compatible with third party extensions that you use to manage your Non-Tor
torbutton/index.wml    452)   cookies. Your Tor cookies will be cleared on toggle, of course.
torbutton/index.wml    453) 
torbutton/index.wml    454)   <li>Store both Non-Tor and Tor cookies in a protected jar (dangerous)</li>
torbutton/index.wml    455) 
torbutton/index.wml    456)   This option stores your persistent Tor and Non-Tor cookies 
torbutton/index.wml    457)   separate cookie jar files. Note that it is a bad idea to keep Tor
torbutton/index.wml    458)   cookies around for any length of time, as they can be retrieved by exit
torbutton/index.wml    459)   nodes that inject spoofed forms into plaintext pages you fetch.
torbutton/index.wml    460) 
torbutton/index.wml    461)   <li>Manage My Own Cookies (dangerous)</li>
torbutton/index.wml    462) 
torbutton/index.wml    463)   This setting allows you to manage your own cookies with an alternate
torbutton/index.wml    464) extension, such as <a href="https://addons.mozilla.org/firefox/addon/82">CookieCuller</a>. Note that this is particularly dangerous,
torbutton/index.wml    465) since malicious exit nodes can spoof document elements that appear to be from
torbutton/index.wml    466) sites you have preserved cookies for (and can then do things like fetch your
torbutton/index.wml    467) entire gmail inbox, even if you were not using gmail or visiting any google
torbutton/index.wml    468) pages at the time!).
torbutton/index.wml    469)  
torbutton/index.wml    470)   <li>Do not write Tor/Non-Tor cookies to disk</li>
torbutton/index.wml    471) 
torbutton/index.wml    472)   These settings prevent Firefox from writing any cookies to disk during the
torbutton/index.wml    473)   corresponding Tor state. If cookie jars are enabled, those jars will
torbutton/index.wml    474)   exist in memory only, and will be cleared when Firefox exits.
torbutton/index.wml    475) 
torbutton/index.wml    476)   <li>Disable DOM Storage during Tor usage (crucial)</li>
torbutton/index.wml    477) 
torbutton/index.wml    478)   Firefox has recently added the ability to store additional state and
torbutton/index.wml    479)   identifiers in persistent tables, called <a

torbutton/en/index.wml 480)   href="http://developer.mozilla.org/docs/DOM:Storage">DOM Storage</a>.

torbutton/index.wml    481)   Obviously this can compromise your anonymity if stored content can be
torbutton/index.wml    482)   fetched across Tor-state.
torbutton/index.wml    483) 
torbutton/index.wml    484)   <li>Clear HTTP auth sessions (recommended)</li>
torbutton/index.wml    485) 
torbutton/index.wml    486)   HTTP authentication credentials can be probed by exit nodes and used to both confirm that you visit a certain site that uses HTTP auth, and also impersonate you on this site. 
torbutton/index.wml    487) 
torbutton/index.wml    488)   <li>Clear cookies on Tor/Non-Tor shutdown</li>
torbutton/index.wml    489) 
torbutton/index.wml    490)   These settings install a shutdown handler to clear cookies on Tor
torbutton/index.wml    491) and/or Non-Tor browser shutdown. It is independent of your Clear Private Data
torbutton/index.wml    492) settings, and does in fact clear the corresponding cookie jars.
torbutton/index.wml    493) 
torbutton/index.wml    494)   <li>Prevent session store from saving Tor-loaded tabs (recommended)</li>
torbutton/index.wml    495) 
torbutton/index.wml    496)   This option augments the session store to prevent it from writing out
torbutton/index.wml    497)   Tor-loaded tabs to disk. Unfortunately, this also disables your ability to 
torbutton/index.wml    498)   undo closed tabs. The reason why this setting is recommended is because
torbutton/index.wml    499)   after a session crash, your browser will be in an undefined Tor state, and
torbutton/index.wml    500)   can potentially load a bunch of Tor tabs without Tor. The following option
torbutton/index.wml    501)   is another alternative to protect against this.
torbutton/index.wml    502) 
torbutton/index.wml    503)   <li>On normal startup, set state to: Tor, Non-Tor, Shutdown State</li>
torbutton/index.wml    504) 
torbutton/index.wml    505)   This setting allows you to choose which Tor state you want the browser to
torbutton/index.wml    506)   start in normally: Tor, Non-Tor, or whatever state the browser shut down in.
torbutton/index.wml    507) 
torbutton/index.wml    508)   <li>On crash recovery or session restored startup, restore via: Tor, Non-Tor</li>
torbutton/index.wml    509) 
torbutton/index.wml    510)   When Firefox crashes, the Tor state upon restart usually is completely
torbutton/index.wml    511)   random, and depending on your choice for the above option, may load 
torbutton/index.wml    512)   a bunch of tabs in the wrong state. This setting allows you to choose
torbutton/index.wml    513)   which state the crashed session should always be restored in to.
torbutton/index.wml    514) 
torbutton/index.wml    515)   <li>Prevent session store from saving Non-Tor/Tor-loaded tabs</li>
torbutton/index.wml    516)   
torbutton/index.wml    517)   These two settings allow you to control what the Firefox Session Store
torbutton/index.wml    518)   writes to disk. Since the session store state is used to automatically
torbutton/index.wml    519)   load websites after a crash or upgrade, it is advisable not to allow
torbutton/index.wml    520)   Tor tabs to be written to disk, or they may get loaded in Non-Tor
torbutton/index.wml    521)   after a crash (or the reverse, depending upon the crash recovery setting, 
torbutton/index.wml    522)   of course).
torbutton/index.wml    523)   
torbutton/index.wml    524)   <li>Set user agent during Tor usage (crucial)</li>
torbutton/index.wml    525) 
torbutton/index.wml    526)   User agent masking is done with the idea of making all Tor users appear
torbutton/index.wml    527) uniform. A recent Firefox 2.0.0.4 Windows build was chosen to mimic for this
torbutton/index.wml    528) string and supporting navigator.* properties, and this version will remain the
torbutton/index.wml    529) same for all TorButton versions until such time as specific incompatibility
torbutton/index.wml    530) issues are demonstrated. Uniformity of this value is obviously very important
torbutton/index.wml    531) to anonymity. Note that for this option to have full effectiveness, the user
torbutton/index.wml    532) must also allow Hook Dangerous Javascript ensure that the navigator.*
torbutton/index.wml    533) properties are reset correctly.  The browser does not set some of them via the
torbutton/index.wml    534) exposed user agent override preferences.
torbutton/index.wml    535) 
torbutton/index.wml    536)   <li>Spoof US English Browser</li>
torbutton/index.wml    537) 
torbutton/index.wml    538) This option causes Firefox to send http headers as if it were an English
torbutton/index.wml    539) browser. Useful for internationalized users.
torbutton/index.wml    540) 
torbutton/index.wml    541)   <li>Don't send referrer during Tor Usage</li>
torbutton/index.wml    542) 
torbutton/index.wml    543) This option disables the referrer header, preventing sites from determining
torbutton/index.wml    544) where you came from to visit them. This can break some sites, however. <a
torbutton/index.wml    545) href="http://www.digg.com">Digg</a> in particular seemed to be broken by this.
torbutton/index.wml    546) A more streamlined, less intrusive version of this option should be available
torbutton/index.wml    547) eventually. In the meantime, <a

torbutton/en/index.wml 548) href="https://addons.mozilla.org/firefox/addon/953">RefControl</a> can

torbutton/index.wml    549) provide this functionality via a default option of <b>Forge</b>.
torbutton/index.wml    550) </ul>
torbutton/index.wml    551) 

torbutton/en/index.wml 552)     </div><!-- #main -->

torbutton/index.wml    553) 

torbutton/en/index.wml 554) #include <foot.wmi>