Name change.
Jacob Appelbaum authored 16 years ago
|
torbutton/index.wml 99) <br/>
torbutton/index.wml 100) <strong>Authors:</strong> Scott Squires & Mike Perry<br>
torbutton/index.wml 101) <strong>Email:</strong> squires at freehaven dot net, mikeperry (o) fscked/org<br/>
torbutton/index.wml 102) <br/>
torbutton/index.wml 103) <strong>Install:</strong>
torbutton/index.wml 104) <a href="http://torbutton.torproject.org/dev/torbutton-current.xpi"
torbutton/index.wml 105) hash="sha1:7f01c577641b6222781cd880c9825d6f50ff1cc4"
torbutton/index.wml 106) onclick="return install(event);">Local (Javascript verified)</a><br/>
torbutton/index.wml 107) <strong>Past Releases:</strong> <a href="releases/">Local (non-https)</a><br/>
torbutton/index.wml 108) <strong>Developer Documentation:</strong> <a href="design/">Torbutton Design Document</a> and <a href="design/MozillaBrownBag.pdf">Slides (Not actively updated)</a><br/>
torbutton/index.wml 109) <strong>Extras:</strong>
torbutton/index.wml 110)
torbutton/index.wml 111) Google search plugins for
torbutton/index.wml 112)
torbutton/index.wml 113) <a href="/jsreq.html" title="Ref: 14938 (googleCA)"
torbutton/index.wml 114) onClick="addOpenSearch('GoogleCanada','ico','General','14937','g');return false">Google CA</a>, and
torbutton/index.wml 115)
torbutton/index.wml 116) <a href="/jsreq.html" title="Ref: 14938 (googleCA)"
torbutton/index.wml 117) onClick="addOpenSearch('googleuk_web','png','General','14445','g');return false">Google UK</a>.
torbutton/index.wml 118) <br/>
torbutton/index.wml 119) <!--
torbutton/index.wml 120) <strong>Install:</strong> <a href="torbutton-1.0.4.xpi">torbutton-1.0.4.xpi</a><br/>
torbutton/index.wml 121) -->
torbutton/index.wml 122) <strong>Source:</strong> You can <a href="https://tor-svn.freehaven.net/svn/torbutton/trunk/">browse the repository</a> or simply unzip the xpi.
torbutton/index.wml 123) <br/>
torbutton/index.wml 124) <strong>Bug Reports:</strong> <a href="https://bugs.torproject.org/flyspray/index.php?tasks=all&project=5">Torproject flyspray</a><br/>
torbutton/index.wml 125) <strong>Documents:</strong> <b>[</b> <a href="#FAQ">FAQ</a> <b>|</b> <a href="CHANGELOG">changelog</a> <b>|</b> <a href="LICENSE">license</a> <b>|</b> <a href="CREDITS">credits</a> <b>]</b><br/>
torbutton/index.wml 126) <h2>About</h2>
torbutton/index.wml 127) <p>
torbutton/index.wml 128) Torbutton is a 1-click way for Firefox users to enable or disable the browser's use of <a href="https://www.torproject.org/">Tor</a>. It adds a panel to the statusbar that says "Tor Enabled" (in green) or "Tor Disabled" (in red). The user may click on the panel to toggle the status. If the user (or some other extension) changes the proxy settings, the change is automatically reflected in the statusbar.
torbutton/index.wml 129) </p><p>
torbutton/index.wml 130) Some users may prefer a toolbar button instead of a statusbar panel. Such a button is included, and one adds it to the toolbar by right-clicking on the desired toolbar, selecting "Customize...", and then dragging the Torbutton icon onto the toolbar. There is an option in the preferences to hide the statusbar panel (Tools->Extensions, select Torbutton, and click on Preferences).
torbutton/index.wml 131) </p>
torbutton/index.wml 132) <p>
torbutton/index.wml 133) Newer Firefoxes have the ability to send DNS resolves through the socks proxy, and Torbutton will make use of this feature if it is available in your version of Firefox.
torbutton/index.wml 134) </p>
torbutton/index.wml 135)
torbutton/index.wml 136) <a id="FAQ"></a><h2>FAQ</h2>
torbutton/index.wml 137)
torbutton/index.wml 138) <strong>I can't click on links or hit reload after I toggle Tor! Why?</strong>
torbutton/index.wml 139) <p>
torbutton/index.wml 140)
torbutton/index.wml 141) Due to <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=409737">Firefox
torbutton/index.wml 142) Bug 409737</a>, pages can still open popups and perform Javascript redirects
torbutton/index.wml 143) and history access after Tor has been toggled. These popups and redirects can
torbutton/index.wml 144) be blocked, but unfortunately they are indistinguishable from normal user
torbutton/index.wml 145) interactions with the page (such as clicking on links, opening them in new
torbutton/index.wml 146) tabs/windows, or using the history buttons), and so those are blocked as a
torbutton/index.wml 147) side effect. Once that Firefox bug is fixed, this degree of isolation will
torbutton/index.wml 148) become optional (for people who do not want to accidentally click on links and
torbutton/index.wml 149) give away information via referrers). A workaround is to right click on the
torbutton/index.wml 150) link, and open it in a new tab or window. The tab or window won't load
torbutton/index.wml 151) automatically, but you can hit enter in the URL bar, and it will begin
torbutton/index.wml 152) loading. Hitting enter in the URL bar will also reload the page without
torbutton/index.wml 153) clicking the reload button.
torbutton/index.wml 154)
torbutton/index.wml 155) </p>
torbutton/index.wml 156)
torbutton/index.wml 157) <strong>My browser is in some weird state where nothing works right!</strong>
torbutton/index.wml 158) <p>
torbutton/index.wml 159)
torbutton/index.wml 160) Try to disable Tor by clicking on the button, and then open a new window. If
torbutton/index.wml 161) that doesn't fix the issue, go to the preferences page and hit 'Restore
torbutton/index.wml 162) Defaults'. This should reset the extension and Firefox to a known good
torbutton/index.wml 163) configuration. If you can manage to reproduce whatever issue gets your
torbutton/index.wml 164) Firefox wedged, please file details at <a
torbutton/index.wml 165) href="https://bugs.torproject.org/flyspray/index.php?tasks=all&project=5">the
torbutton/index.wml 166) bug tracker</a>.
torbutton/index.wml 167)
torbutton/index.wml 168) </p>
torbutton/index.wml 169)
torbutton/index.wml 170) <strong>When I toggle Tor, my sites that use javascript stop working. Why?</strong>
torbutton/index.wml 171) <p>
torbutton/index.wml 172)
torbutton/index.wml 173) Javascript can do things like wait until you have disabled Tor before trying
torbutton/index.wml 174) to contact its source site, thus revealing your IP address. As such, Torbutton
torbutton/index.wml 175) must disable Javascript, Meta-Refresh tags, and certain CSS behavior when Tor
torbutton/index.wml 176) state changes from the state that was used to load a given page. These features
torbutton/index.wml 177) are re-enabled when Torbutton goes back into the state that was used to load
torbutton/index.wml 178) the page, but in some cases (particularly with Javascript and CSS) it is
torbutton/index.wml 179) sometimes not possible to fully recover from the resulting errors, and the
torbutton/index.wml 180) page is broken. Unfortunately, the only thing you can do (and still remain
torbutton/index.wml 181) safe from having your IP address leak) is to reload the page when you toggle
torbutton/index.wml 182) Tor, or just ensure you do all your work in a page before switching tor state.
torbutton/index.wml 183)
torbutton/index.wml 184) </p>
torbutton/index.wml 185)
torbutton/index.wml 186)
torbutton/index.wml 187) <strong>When I use Tor, Firefox is no longer filling in logins/search boxes
torbutton/index.wml 188) for me. Why?</strong>
torbutton/index.wml 189) <p>
torbutton/index.wml 190)
torbutton/index.wml 191) Currently, this is tied to the "<b>Block history writes during Tor</b>"
torbutton/index.wml 192) setting. If you have enabled that setting, all formfill functionality (both
torbutton/index.wml 193) saving and reading) is disabled. If this bothers you, you can uncheck that
torbutton/index.wml 194) option, but both history and forms will be saved. To prevent history
torbutton/index.wml 195) disclosure attacks via Non-Tor usage, it is recommended you disable Non-Tor
torbutton/index.wml 196) history reads if you allow history writing during Tor.
torbutton/index.wml 197)
torbutton/index.wml 198) </p>
torbutton/index.wml 199)
torbutton/index.wml 200)
torbutton/index.wml 201) <strong>Which Firefox extensions should I avoid using?</strong>
torbutton/index.wml 202) <p>
torbutton/index.wml 203)
torbutton/index.wml 204) This is a tough one. There are thousands of Firefox extensions: making a
torbutton/index.wml 205) complete list of ones that are bad for anonymity is near impossible. However,
torbutton/index.wml 206) here are a few examples that should get you started as to what sorts of
torbutton/index.wml 207) behavior are dangerous.
torbutton/index.wml 208)
torbutton/index.wml 209) <ol>
torbutton/index.wml 210) <li>StumbleUpon, et al</li>
torbutton/index.wml 211) These extensions will send all sorts of information about the websites you
torbutton/index.wml 212) visit to the stumbleupon servers, and correlate this information with a
torbutton/index.wml 213) unique identifier. This is obviously terrible for your anonymity.
torbutton/index.wml 214) More generally, any sort of extension that requires registration, or even
torbutton/index.wml 215) extensions that provide information about websites you visit should be
torbutton/index.wml 216) suspect.
torbutton/index.wml 217)
torbutton/index.wml 218) <li>FoxyProxy</li>
torbutton/index.wml 219)
torbutton/index.wml 220) While FoxyProxy is a nice idea in theory, in practice it is impossible to
torbutton/index.wml 221) configure securely for Tor usage without Torbutton. Like all vanilla third
torbutton/index.wml 222) party proxy plugins, the main risks are <a
torbutton/index.wml 223) href="http://www.metasploit.com/research/projects/decloak/">plugin leakage</a>
torbutton/index.wml 224) and <a href="http://ha.ckers.org/weird/CSS-history.cgi">history
torbutton/index.wml 225) disclosure</a>, followed closely by cookie theft by exit nodes and tracking by
torbutton/index.wml 226) adservers (see the <a href="design/index.html#adversary">Torbutton Adversary
torbutton/index.wml 227) Model</a> for more information). However, even with Torbutton installed in
torbutton/index.wml 228) tandem and always enabled, it is still very difficult (though not impossible)
torbutton/index.wml 229) to configure FoxyProxy securely. Since FoxyProxy's 'Patterns' mode only
torbutton/index.wml 230) applies to specific urls, and not to an entire tab, setting FoxyProxy to only
torbutton/index.wml 231) send specific sites through Tor will still allow adservers to still learn your
torbutton/index.wml 232) real IP. Worse, if those sites use offsite logging services such as Google
torbutton/index.wml 233) Analytics, you may still end up in their logs with your real IP. Malicious
torbutton/index.wml 234) exit nodes can also cooperate with sites to inject images into pages that
torbutton/index.wml 235) bypass your filters. Setting FoxyProxy to only send certain URLs via Non-Tor
torbutton/index.wml 236) is much more viable, but be very careful with the filters you allow. For
torbutton/index.wml 237) example, something as simple as allowing *google* to go via Non-Tor will still
torbutton/index.wml 238) cause you to end up in all the logs of all websites that use Google Analytics!
torbutton/index.wml 239) See <a href="http://foxyproxy.mozdev.org/faq.html#privacy-01">this
torbutton/index.wml 240) question</a> on the FoxyProxy FAQ for more information.
torbutton/index.wml 241)
torbutton/index.wml 242) <li>NoScript</li>
torbutton/index.wml 243) Torbutton currently mitigates all known anonymity issues with Javascript.
torbutton/index.wml 244) While it may be tempting to get better security by disabling Javascript for
torbutton/index.wml 245) certain sites, you are far better off with an all-or-nothing approach.
torbutton/index.wml 246) NoScript is exceedingly complicated, and has many subtleties that can surprise
torbutton/index.wml 247) even advanced users. For example, addons.mozilla.org verifies extension
torbutton/index.wml 248) integrity via Javascript over https, but downloads them in the clear. Not
torbutton/index.wml 249) adding it to your whitelist effectively
torbutton/index.wml 250) means you are pulling down unverified extensions. Worse still, using NoScript
torbutton/index.wml 251) can actually disable protections that Torbutton itself provides via
torbutton/index.wml 252) Javascript, yet still allow malicious exit nodes to compromise your
torbutton/index.wml 253) anonymity via the default whitelist (which they can spoof to inject any script they want).
torbutton/index.wml 254)
torbutton/index.wml 255) </ol>
torbutton/index.wml 256)
torbutton/index.wml 257) </p>
torbutton/index.wml 258)
torbutton/index.wml 259) <strong>Which Firefox extensions do you recommend?</strong>
torbutton/index.wml 260) <p>
torbutton/index.wml 261) <ol>
torbutton/index.wml 262) <li><a href="https://addons.mozilla.org/en-US/firefox/addon/953">RefControl</a></li>
torbutton/index.wml 263) Mentioned above, this extension allows more fine-grained referrer spoofing
torbutton/index.wml 264) than Torbutton currently provides. It should break less sites than Torbutton's
torbutton/index.wml 265) referrer spoofing option.
torbutton/index.wml 266) <li><a href="https://addons.mozilla.org/en-US/firefox/addon/1474">SafeCache</a></li>
torbutton/index.wml 267) If you use Tor excessively, and rarely disable it, you probably want to
torbutton/index.wml 268) install this extension to minimize the ability of sites to store long term
torbutton/index.wml 269) identifiers in your cache. This extension applies same origin policy to the
torbutton/index.wml 270) cache, so that elements are retrieved from the cache only if they are fetched
torbutton/index.wml 271) from a document in the same origin domain as the cached element.
torbutton/index.wml 272) </ol>
torbutton/index.wml 273)
torbutton/index.wml 274) </p>
torbutton/index.wml 275)
torbutton/index.wml 276) <strong>Are there any other issues I should be concerned about?</strong>
torbutton/index.wml 277) <p>
torbutton/index.wml 278)
torbutton/index.wml 279) There is currently one known unfixed security issue with Torbutton: it is
torbutton/index.wml 280) possible to unmask the javascript hooks that wrap the Date object to conceal
torbutton/index.wml 281) your timezone in Firefox 2, and the timezone masking code does not work at all
torbutton/index.wml 282) on Firefox 3. We are working with the Firefox team to fix one of <a
torbutton/index.wml 283) href="https://bugzilla.mozilla.org/show_bug.cgi?id=392274">Bug 399274</a> or
torbutton/index.wml 284) <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=419598">Bug 419598</a>
torbutton/index.wml 285) to address this. In the meantime, it is possible to set the <b>TZ</b>
torbutton/index.wml 286) environment variable to <b>UTC</b> to cause the browser to use UTC as your
torbutton/index.wml 287) timezone. Under Linux, you can add an <b>export TZ=UTC</b> to the
torbutton/index.wml 288) /usr/bin/firefox script, or edit your system bashrc to do the same. Under
torbutton/index.wml 289) Windows, you can set either a <a
torbutton/index.wml 290) href="http://support.microsoft.com/kb/310519">User or System Environment
torbutton/index.wml 291) Variable</a> for TZ via My Computer's properties. In MacOS, the situation is
torbutton/index.wml 292) <a
torbutton/index.wml 293) href="http://developer.apple.com/documentation/MacOSX/Conceptual/BPRuntimeConfig/Articles/EnvironmentVars.html#//apple_ref/doc/uid/20002093-BCIJIJBH">a
torbutton/index.wml 294) lot more complicated</a>, unfortunately.
torbutton/index.wml 295)
torbutton/index.wml 296) </p>
torbutton/index.wml 297)
torbutton/index.wml 298) <p>
torbutton/index.wml 299)
torbutton/index.wml 300) In addition, RSS readers such as Firefox Livemarks can perform
torbutton/index.wml 301) periodic fetches. Due to <a
torbutton/index.wml 302) href="https://bugzilla.mozilla.org/show_bug.cgi?id=436250">Firefox Bug
torbutton/index.wml 303) 436250</a>, there is no way to disable Livemark fetches during Tor. This can
torbutton/index.wml 304) be a problem if you have a lot of custom Livemark urls that can give away
torbutton/index.wml 305) information about your identity.
torbutton/index.wml 306)
torbutton/index.wml 307) </p>
torbutton/index.wml 308)
torbutton/index.wml 309) <h2>Description of Options</h2>
torbutton/index.wml 310)
torbutton/index.wml 311) <p>The development branch of Torbutton adds several new security features to
torbutton/index.wml 312) protect your anonymity from all the major threats the author is aware of. The
torbutton/index.wml 313) defaults should be fine for most people, but in case you are the tweaker type,
torbutton/index.wml 314) or if you prefer to try to outsource some options to more flexible extensions,
torbutton/index.wml 315) here is the complete list. (In an ideal world, these descriptions should all be
torbutton/index.wml 316) tooltips in the extension itself, but Firefox bugs <a
torbutton/index.wml 317) href="https://bugzilla.mozilla.org/show_bug.cgi?id=45375">45375</a> and <a
torbutton/index.wml 318) href="https://bugzilla.mozilla.org/show_bug.cgi?id=218223">218223</a> currently
torbutton/index.wml 319) prevent this).</p>
torbutton/index.wml 320)
torbutton/index.wml 321) <ul>
torbutton/index.wml 322) <li>Disable plugins on Tor Usage (crucial)</li>
torbutton/index.wml 323)
torbutton/index.wml 324) This option is key to Tor security. Plugins perform their own networking
torbutton/index.wml 325) independent of the browser, and many plugins only partially obey even their own
torbutton/index.wml 326) proxy settings.
torbutton/index.wml 327)
torbutton/index.wml 328) <li>Isolate Dynamic Content to Tor State (crucial)</li>
torbutton/index.wml 329)
torbutton/index.wml 330) Another crucial option, this setting causes the plugin to disable Javascript
torbutton/index.wml 331) on tabs that are loaded during a Tor state different than the current one,
torbutton/index.wml 332) to prevent delayed fetches of injected URLs that contain unique identifiers,
torbutton/index.wml 333) and to prevent meta-refresh tags from revealing your IP when you turn off
torbutton/index.wml 334) Tor. It also prevents all fetches from tabs loaded with an opposite Tor
torbutton/index.wml 335) state. This serves to block non-Javascript dynamic content such as CSS
torbutton/index.wml 336) popups from revealing your IP address if you disable Tor.
torbutton/index.wml 337)
torbutton/index.wml 338) <li>Hook Dangerous Javascript (crucial)</li>
torbutton/index.wml 339)
torbutton/index.wml 340) This setting enables the Javascript hooking code. Javascript is injected into
torbutton/index.wml 341) pages to hook the Date object to mask your timezone, and to hook the navigator
torbutton/index.wml 342) object to mask OS and user agent properties not handled by the standard
torbutton/index.wml 343) Firefox user agent override settings.
torbutton/index.wml 344)
torbutton/index.wml 345) <li>Resize window dimensions to multiples of 50px on toggle (recommended)</li>
torbutton/index.wml 346)
torbutton/index.wml 347) To cut down on the amount of state available to fingerprint users uniquely,
torbutton/index.wml 348) this pref causes windows to be resized to a multiple of 50 pixels on each
torbutton/index.wml 349) side when Tor is enabled and pages are loaded.
torbutton/index.wml 350)
torbutton/index.wml 351) <li>Disable Updates During Tor (recommended)</li>
torbutton/index.wml 352)
torbutton/index.wml 353) Under Firefox 2, many extension authors did not update their extensions from
torbutton/index.wml 354) SSL-enabled websites. It is possible for malicious Tor nodes to hijack these extensions and replace them with malicious ones, or add malicious code to
torbutton/index.wml 355) existing extensions. Since Firefox 3 now enforces encrypted and/or
torbutton/index.wml 356) authenticated updates, this setting is no longer as important as it once
torbutton/index.wml 357) was (though updates do leak information about which extensions you have, it is
torbutton/index.wml 358) fairly infrequent).
torbutton/index.wml 359)
torbutton/index.wml 360) <li>Disable Search Suggestions during Tor (optional)</li>
torbutton/index.wml 361)
torbutton/index.wml 362) This optional setting governs if you get Google search suggestions during Tor
torbutton/index.wml 363) usage. Since no cookie is transmitted during search suggestions, this is a
torbutton/index.wml 364) relatively benign behavior.
torbutton/index.wml 365)
torbutton/index.wml 366) <li>Block Tor/Non-Tor access to network from file:// urls (recommended)</li>
torbutton/index.wml 367)
torbutton/index.wml 368) These settings prevent local html documents from transmitting local files to
torbutton/index.wml 369) arbitrary websites <a href="http://www.gnucitizen.org/blog/content-disposition-hacking/">under Firefox 2</a>. Since exit nodes can insert headers that
torbutton/index.wml 370) force the browser to save arbitrary pages locally (and also inject script into
torbutton/index.wml 371) arbitrary html files you save to disk via Tor), it is probably a good idea to
torbutton/index.wml 372) leave this setting on.
torbutton/index.wml 373)
torbutton/index.wml 374) <li>Close all Non-Tor/Tor windows and tabs on toggle (optional)</li>
torbutton/index.wml 375)
torbutton/index.wml 376) These two settings allow you to obtain a greater degree of assurance that
torbutton/index.wml 377) after you toggle out of Tor, the pages are really gone and can't perform any
torbutton/index.wml 378) extra network activity. Currently, there is no known way that pages can still
torbutton/index.wml 379) perform activity after toggle, but these options exist as a backup measure
torbutton/index.wml 380) just in case a flaw is discovered. They can also serve as a handy 'Boss
torbutton/index.wml 381) Button' feature for clearing all Tor browsing off your screen in a hurry.
torbutton/index.wml 382)
torbutton/index.wml 383) <li>Isolate access to history navigation to Tor state (crucial)</li>
torbutton/index.wml 384)
torbutton/index.wml 385) This setting prevents both Javascript and accidental user clicks from causing
torbutton/index.wml 386) the session history to load pages that were fetched in a different Tor state
torbutton/index.wml 387) than the current one. Since this can be used to correlate Tor and Non-Tor
torbutton/index.wml 388) activity and thus determine your IP address, it is marked as a crucial
torbutton/index.wml 389) setting.
torbutton/index.wml 390)
torbutton/index.wml 391) <li>Block History Reads during Tor (crucial)</li>
torbutton/index.wml 392)
torbutton/index.wml 393) Based on code contributed by <a href="http://www.collinjackson.com/">Collin
torbutton/index.wml 394) Jackson</a>, when enabled and Tor is enabled, this setting prevents the
torbutton/index.wml 395) rendering engine from knowing if certain links were visited. This mechanism
torbutton/index.wml 396) defeats all document-based history disclosure attacks, including CSS-only
torbutton/index.wml 397) attacks.
torbutton/index.wml 398)
torbutton/index.wml 399) <li>Block History Reads during Non-Tor (recommended)</li>
torbutton/index.wml 400)
torbutton/index.wml 401) This setting accomplishes the same but for your Non-Tor activity.
torbutton/index.wml 402)
torbutton/index.wml 403) <li>Block History Writes during Tor (recommended)</li>
torbutton/index.wml 404)
torbutton/index.wml 405) This setting prevents the rendering engine from recording visited URLs, and
torbutton/index.wml 406) also disables download manager history. Note that if you allow writing of Tor history,
torbutton/index.wml 407) it is recommended that you disable non-Tor history reads, since malicious
torbutton/index.wml 408) websites you visit without Tor can query your history for .onion sites and
torbutton/index.wml 409) other history recorded during Tor usage (such as Google queries).
torbutton/index.wml 410)
torbutton/index.wml 411) <li>Block History Writes during Non-Tor (optional)</li>
torbutton/index.wml 412)
torbutton/index.wml 413) This setting also disables recording any history information during Non-Tor
torbutton/index.wml 414) usage.
torbutton/index.wml 415)
torbutton/index.wml 416) <li>Clear History During Tor Toggle (optional)</li>
torbutton/index.wml 417)
torbutton/index.wml 418) This is an alternate setting to use instead of (or in addition to) blocking
torbutton/index.wml 419) history reads or writes.
torbutton/index.wml 420)
torbutton/index.wml 421) <li>Block Password+Form saving during Tor/Non-Tor</li>
torbutton/index.wml 422)
torbutton/index.wml 423) These options govern if the browser writes your passwords and search
torbutton/index.wml 424) submissions to disk for the given state.
torbutton/index.wml 425)
torbutton/index.wml 426) <li>Block Tor disk cache and clear all cache on Tor Toggle</li>
torbutton/index.wml 427)
torbutton/index.wml 428) Since the browser cache can be leveraged to store unique identifiers, cache
torbutton/index.wml 429) must not persist across Tor sessions. This option keeps the memory cache active
torbutton/index.wml 430) during Tor usage for performance, but blocks disk access for caching.
torbutton/index.wml 431)
torbutton/index.wml 432) <li>Block disk and memory cache during Tor</li>
torbutton/index.wml 433)
torbutton/index.wml 434) This setting entirely blocks the cache during Tor, but preserves it for
torbutton/index.wml 435) Non-Tor usage.
torbutton/index.wml 436)
torbutton/index.wml 437) <li>Clear Cookies on Tor Toggle</li>
torbutton/index.wml 438)
torbutton/index.wml 439) Fully clears all cookies on Tor toggle.
torbutton/index.wml 440)
torbutton/index.wml 441) <li>Store Non-Tor cookies in a protected jar</li>
torbutton/index.wml 442)
torbutton/index.wml 443) This option stores your persistent Non-Tor cookies in a special cookie jar
torbutton/index.wml 444) file, in case you wish to preserve some cookies. Based on code contributed
torbutton/index.wml 445) by <a href="http://www.collinjackson.com/">Collin Jackson</a>. It is
torbutton/index.wml 446) compatible with third party extensions that you use to manage your Non-Tor
torbutton/index.wml 447) cookies. Your Tor cookies will be cleared on toggle, of course.
torbutton/index.wml 448)
torbutton/index.wml 449) <li>Store both Non-Tor and Tor cookies in a protected jar (dangerous)</li>
torbutton/index.wml 450)
torbutton/index.wml 451) This option stores your persistent Tor and Non-Tor cookies
torbutton/index.wml 452) separate cookie jar files. Note that it is a bad idea to keep Tor
torbutton/index.wml 453) cookies around for any length of time, as they can be retrieved by exit
torbutton/index.wml 454) nodes that inject spoofed forms into plaintext pages you fetch.
torbutton/index.wml 455)
torbutton/index.wml 456) <li>Manage My Own Cookies (dangerous)</li>
torbutton/index.wml 457)
torbutton/index.wml 458) This setting allows you to manage your own cookies with an alternate
torbutton/index.wml 459) extension, such as <a href="https://addons.mozilla.org/firefox/addon/82">CookieCuller</a>. Note that this is particularly dangerous,
torbutton/index.wml 460) since malicious exit nodes can spoof document elements that appear to be from
torbutton/index.wml 461) sites you have preserved cookies for (and can then do things like fetch your
torbutton/index.wml 462) entire gmail inbox, even if you were not using gmail or visiting any google
torbutton/index.wml 463) pages at the time!).
torbutton/index.wml 464)
torbutton/index.wml 465) <li>Do not write Tor/Non-Tor cookies to disk</li>
torbutton/index.wml 466)
torbutton/index.wml 467) These settings prevent Firefox from writing any cookies to disk during the
torbutton/index.wml 468) corresponding Tor state. If cookie jars are enabled, those jars will
torbutton/index.wml 469) exist in memory only, and will be cleared when Firefox exits.
torbutton/index.wml 470)
torbutton/index.wml 471) <li>Disable DOM Storage during Tor usage (crucial)</li>
torbutton/index.wml 472)
torbutton/index.wml 473) Firefox has recently added the ability to store additional state and
torbutton/index.wml 474) identifiers in persistent tables, called <a
torbutton/index.wml 475) href="http://developer.mozilla.org/en/docs/DOM:Storage">DOM Storage</a>.
torbutton/index.wml 476) Obviously this can compromise your anonymity if stored content can be
torbutton/index.wml 477) fetched across Tor-state.
torbutton/index.wml 478)
torbutton/index.wml 479) <li>Clear HTTP auth sessions (recommended)</li>
torbutton/index.wml 480)
torbutton/index.wml 481) HTTP authentication credentials can be probed by exit nodes and used to both confirm that you visit a certain site that uses HTTP auth, and also impersonate you on this site.
torbutton/index.wml 482)
torbutton/index.wml 483) <li>Clear cookies on Tor/Non-Tor shutdown</li>
torbutton/index.wml 484)
torbutton/index.wml 485) These settings install a shutdown handler to clear cookies on Tor
torbutton/index.wml 486) and/or Non-Tor browser shutdown. It is independent of your Clear Private Data
torbutton/index.wml 487) settings, and does in fact clear the corresponding cookie jars.
torbutton/index.wml 488)
torbutton/index.wml 489) <li>Prevent session store from saving Tor-loaded tabs (recommended)</li>
torbutton/index.wml 490)
torbutton/index.wml 491) This option augments the session store to prevent it from writing out
torbutton/index.wml 492) Tor-loaded tabs to disk. Unfortunately, this also disables your ability to
torbutton/index.wml 493) undo closed tabs. The reason why this setting is recommended is because
torbutton/index.wml 494) after a session crash, your browser will be in an undefined Tor state, and
torbutton/index.wml 495) can potentially load a bunch of Tor tabs without Tor. The following option
torbutton/index.wml 496) is another alternative to protect against this.
torbutton/index.wml 497)
torbutton/index.wml 498) <li>On normal startup, set state to: Tor, Non-Tor, Shutdown State</li>
torbutton/index.wml 499)
torbutton/index.wml 500) This setting allows you to choose which Tor state you want the browser to
torbutton/index.wml 501) start in normally: Tor, Non-Tor, or whatever state the browser shut down in.
torbutton/index.wml 502)
torbutton/index.wml 503) <li>On crash recovery or session restored startup, restore via: Tor, Non-Tor</li>
torbutton/index.wml 504)
torbutton/index.wml 505) When Firefox crashes, the Tor state upon restart usually is completely
torbutton/index.wml 506) random, and depending on your choice for the above option, may load
torbutton/index.wml 507) a bunch of tabs in the wrong state. This setting allows you to choose
torbutton/index.wml 508) which state the crashed session should always be restored in to.
torbutton/index.wml 509)
torbutton/index.wml 510) <li>Prevent session store from saving Non-Tor/Tor-loaded tabs</li>
torbutton/index.wml 511)
torbutton/index.wml 512) These two settings allow you to control what the Firefox Session Store
torbutton/index.wml 513) writes to disk. Since the session store state is used to automatically
torbutton/index.wml 514) load websites after a crash or upgrade, it is advisable not to allow
torbutton/index.wml 515) Tor tabs to be written to disk, or they may get loaded in Non-Tor
torbutton/index.wml 516) after a crash (or the reverse, depending upon the crash recovery setting,
torbutton/index.wml 517) of course).
torbutton/index.wml 518)
torbutton/index.wml 519) <li>Set user agent during Tor usage (crucial)</li>
torbutton/index.wml 520)
torbutton/index.wml 521) User agent masking is done with the idea of making all Tor users appear
torbutton/index.wml 522) uniform. A recent Firefox 2.0.0.4 Windows build was chosen to mimic for this
torbutton/index.wml 523) string and supporting navigator.* properties, and this version will remain the
torbutton/index.wml 524) same for all TorButton versions until such time as specific incompatibility
torbutton/index.wml 525) issues are demonstrated. Uniformity of this value is obviously very important
torbutton/index.wml 526) to anonymity. Note that for this option to have full effectiveness, the user
torbutton/index.wml 527) must also allow Hook Dangerous Javascript ensure that the navigator.*
torbutton/index.wml 528) properties are reset correctly. The browser does not set some of them via the
torbutton/index.wml 529) exposed user agent override preferences.
torbutton/index.wml 530)
torbutton/index.wml 531) <li>Spoof US English Browser</li>
torbutton/index.wml 532)
torbutton/index.wml 533) This option causes Firefox to send http headers as if it were an English
torbutton/index.wml 534) browser. Useful for internationalized users.
torbutton/index.wml 535)
torbutton/index.wml 536) <li>Don't send referrer during Tor Usage</li>
torbutton/index.wml 537)
torbutton/index.wml 538) This option disables the referrer header, preventing sites from determining
torbutton/index.wml 539) where you came from to visit them. This can break some sites, however. <a
torbutton/index.wml 540) href="http://www.digg.com">Digg</a> in particular seemed to be broken by this.
torbutton/index.wml 541) A more streamlined, less intrusive version of this option should be available
torbutton/index.wml 542) eventually. In the meantime, <a
torbutton/index.wml 543) href="https://addons.mozilla.org/en-US/firefox/addon/953">RefControl</a> can
torbutton/index.wml 544) provide this functionality via a default option of <b>Forge</b>.
torbutton/index.wml 545) </ul>
torbutton/index.wml 546)
|
First stab at proper wml file.