tor-webwml.git

@@ -62,7 +62,7 @@ includes Tor?</a></li>

     <li><a href="#TBBPolipo">I need an HTTP proxy. Where did Polipo

     go?</a></li>

     <li><a href="#TBBOtherExtensions">Can I install other Firefox

-    extensions?</a></li>

+    extensions? Which extensions should I avoid using?</a></li>

     <li><a href="#TBBJavaScriptEnabled">Why is NoScript configured to

 allow JavaScript by default in the Tor Browser Bundle?  Isn't that

 unsafe?</a></li>

@@ -942,9 +942,42 @@ YouTube

 and other Flash-based sites?</a></h3>

 <p>

-<a

-href="https://www.torproject.org/torbutton/torbutton-faq.html.

-en#noflash">Answer</a>

+YouTube and similar sites require third party browser plugins such as Flash.

+Plugins operate independently from Firefox and can perform

+activity on your computer that ruins your anonymity. This includes

+but is not limited to: <a href="http://decloak.net">completely disregarding

+proxy settings</a>, querying your <a

+href="http://forums.sun.com/thread.jspa?threadID=5162138&messageID=9618376">local

+IP address</a>, and <a

+href="http://epic.org/privacy/cookies/flash.html">storing their own

+cookies</a>. It is possible to use a LiveCD solution such as

+or <a href="https://tails.boum.org/">The Amnesic Incognito Live System</a> that creates a

+secure, transparent proxy to protect you from proxy bypass, however issues

+with local IP address discovery and Flash cookies still remain.  </p>

+

+<p>

+<a href="https://www.youtube.com/html5">YouTube offers experimental HTML5 video 

+support</a> for many of their videos. You can use their Advanced Search to 

+find HTML5 videos.

+</p>

+

+<p>

+If you are not concerned about being tracked by these sites (and sites that

+try to unmask you by pretending to be them), and are unconcerned about your

+local censors potentially noticing you visit them, you can enable plugins by

+going into the Torbutton Preferences -> Security Settings

+tab and unchecking "Disable browser plugins (such as Flash)" box. If you do this

+without The Amnesic Incognito Live System or appropriate firewall

+rules, we strongly suggest you at least use <a

+href="https://addons.mozilla.org/en-US/firefox/addon/722">NoScript</a> to <a

+href="http://noscript.net/features#contentblocking">block plugins</a>. You do

+not need to use the NoScript per-domain permissions if you check the <b>Apply

+these restrictions to trusted sites too</b> option under the NoScript Plugins

+preference tab. In fact, with this setting you can even have NoScript allow

+Javascript globally, but still block all plugins until you click on their

+placeholders in a page. We also recommend <a

+href="https://addons.mozilla.org/en-US/firefox/addon/6623">Better Privacy</a>

+in this case to help you clear your Flash cookies.

 </p>

 <hr>

@@ -1010,6 +1043,23 @@ extensions (for example, pretty much anything with the word Toolbar in

 its name).

 </p>

+<p>

+Generally, extensions that require registration, and/or provide 

+additional information about websites you are visiting, should be 

+suspect.

+</p>

+

+<p>

+Extensions you might like include

+ <a href="https://addons.mozilla.org/firefox/addon/953">RefControl</a> (referer spoofing),

+ <a href="https://addons.mozilla.org/firefox/addon/1474">SafeCache</a>,

+ <a href="https://addons.mozilla.org/en-US/firefox/addon/6623">Better Privacy</a>,

+ <a href="https://addons.mozilla.org/firefox/addon/1865">AdBlock Plus</a> (EasyPrivacy+EasyList),

+ <a href="https://addons.mozilla.org/firefox/addon/82">Cookie Culler</a>,

+ <a href="https://addons.mozilla.org/en-US/firefox/addon/9727/">Request Policy</a> and

+ <a href="https://addons.mozilla.org/en-US/firefox/addon/certificate-patrol/">Certificate Patrol</a>.

+</p> 

+

 <hr>

 <a id="TBBJavaScriptEnabled"></a>

@@ -99,37 +99,10 @@

     have enough developer resources to keep up with the accelerated

     Firefox release schedule, the toggle model of Torbutton is <a

     href="https://blog.torproject.org/blog/toggle-or-not-toggle-end-torbutton">no

-    longer recommended</a>. <b>Users should be using Tor Browser Bundle,

+    longer supported</a>. <b>Users should be using Tor Browser Bundle,

     not installing Torbutton themselves.</b>

     </p>

-    <br/><br/>

-    <strong>Current stable version:</strong><version-torbutton><br/>

-    <strong>Current alpha version:</strong><version-torbutton-alpha><br/>

-    <br/>

-    <strong>Maintainer:</strong> Mike Perry<br/>

-    <br/>

-    <strong>Expert Install (Stable):</strong> Click to <a

-    href="https://www.torproject.org/dist/torbutton/torbutton-current.xpi"

-    hash="<version-hash-torbutton>" onclick="return

-    install(event);">install from this website</a>. Verify the <a href="https://www.torproject.org/dist/torbutton/torbutton-current.xpi.asc">signature</a>.<br/>

-<!--

-    <strong>Expert Install (Alpha):</strong> Click to 

-    <a href="https://www.torproject.org/dist/torbutton/torbutton-current-alpha.xpi"

-      hash="<version-hash-torbutton-alpha>"

-      onclick="return install(event);">install from this website</a>

-    <br/>

-  -->

-<!--

-   <strong>English Google Search:</strong> 

-    Google search plugins for

-    <a href="/jsreq.html" title="Ref: 14938 (googleCA)"

-     onClick="addOpenSearch('GoogleCanada','ico','General','14937','g');return false">Google CA</a>, and 

-    <a href="/jsreq.html" title="Ref: 14938 (googleCA)"

-     onClick="addOpenSearch('googleuk_web','png','General','14445','g');return false">Google UK</a>.

-    <br/>

-  -->

-    <strong>Past Releases:</strong> <a href="https://archive.torproject.org/tor-package-archive/torbutton/">Tor Archive</a><br/>

     <strong>Developer Documentation:</strong> <a href="en/design/index.html.en">Torbutton Design Document</a> and <a href="en/design/MozillaBrownBag.pdf">Slides (Not actively updated)</a><br/>

     <strong>Source:</strong> You can <a

@@ -137,8 +110,8 @@

     repository</a> or simply unzip the xpi.

     <br/>

     <strong>Bug Reports:</strong> <a href="https://trac.torproject.org/projects/tor/report/14">Torproject Bug Tracker</a><br/>

-    <strong>Documents:</strong> <b>[</b> <a href="<page torbutton/torbutton-faq>">FAQ</a> <b>|</b>

-    <a href="<page torbutton/torbutton-options>">Torbutton options</a> <b>|</b>

+    <strong>Documents:</strong> 

+    <b>[</b> 

     <a href="https://gitweb.torproject.org/torbutton.git/blob/HEAD:/src/CHANGELOG">changelog</a> <b>|</b>

     <a href="https://gitweb.torproject.org/torbutton.git/blob/HEAD:/src/LICENSE">license</a> <b>|</b>

     <a href="https://gitweb.torproject.org/torbutton.git/blob/HEAD:/src/CREDITS">credits</a> <b>]</b>

@@ -1,18 +1,12 @@

-#!/usr/bin/wml

-

 ## translation metadata

 # Revision: $Revision$

 # Translation-Priority: 2-medium

-# this structure defines the side nav bar for the /torbutton pages

+# this structure defines the side nav bar for the /docs pages

 # and is the input for include/side.wmi

 # fields:

 #

-# name - the $WML_SRC_BASENAME of the file. It should uniquely identify the

-# page because at build-time it is used to determine what view of the

-# navigation menu to generate

-#

 # url - the path to the wml page, as used the the <page> tag. This tag ensures

 # that links will point to the current language if supported, and alternately

 # the english version 

@@ -23,14 +17,94 @@

 <:

   my $sidenav;

   $sidenav = [

-          {'url'  => 'torbutton/index',

-           'txt'  => 'Torbutton',

+      {'url'  => 'docs/documentation',

+       'txt'  => 'Documentation Overview',

+      }, 

+      {

+       'url'  => 'docs/installguide',

+       'txt'  => 'Installation Guides',

+       'subelements' => [

+          {'url'  => 'docs/tor-doc-windows',

+           'txt'  => 'Installing on Windows',

+          },

+          {'url'  => 'docs/tor-doc-unix',

+           'txt'  => 'Installing on Linux/BSD/Unix',

+          },

+          {'url'  => 'docs/debian',

+           'txt'  => 'Installing Tor on Debian/Ubuntu',

+          },

+          {'url'  => 'docs/debian-vidalia',

+           'txt'  => 'Installing Vidalia on Debian/Ubuntu',

+          },

+          {'url'  => 'docs/tor-doc-osx',

+           'txt'  => 'Installing Tor on Mac OS X',

+          },

+          {'url'  => 'docs/android',

+           'txt'  => 'Installing Tor on Android',

+          },

+          {'url'  => 'docs/N900',

+           'txt'  => 'Installing Tor on Maemo/N900',

+          },

+          {'url'  => 'docs/verifying-signatures',

+           'txt'  => 'Verify our GPG signatures',

+          }],

+      },

+      {'url'  => 'docs/manual',

+       'txt'  => 'Manuals',

        'subelements' => [

-              {'url' => 'torbutton/torbutton-options',

-               'txt' => 'Torbutton Options',

+          {   

+           'url'  => 'docs/short-user-manual',

+           'txt'  => 'Short User Manual',

+          }, 

+          {'url'  => 'docs/tor-relay-debian',

+           'txt'  => 'Configuring a Relay manually',

+          },

+          {'url'  => 'docs/tor-doc-relay',

+           'txt'  => 'Configuring a Relay graphically',

+          },

+          {'url'  => 'docs/tor-hidden-service',

+           'txt'  => 'Configuring a Hidden Service',

+          }, 

+          {'url'  => 'docs/bridges',

+           'txt'  => 'Configuring a Bridge Relay',

+          }, 

+          {'url'  => 'docs/running-a-mirror',

+           'txt'  => 'Configuring a Mirror',

+          },

+          {'url'  => 'docs/tor-manual',

+           'txt'  => 'Tor -stable Manual',

+          },

+          {'url'  => 'docs/tor-manual-dev',

+           'txt'  => 'Tor -alpha Manual',

+          },

+          {'url'  => 'docs/proxychain',

+           'txt'  => 'Configuring Tor to use a Proxy Server',

+          },

+          {'url' => '<doxygen>',

+           'txt' => 'Doxygen output from Tor codebase',

+           }]

+      },

+      {

+       'url'  => '<wiki>',

+       'txt'  => 'Tor Wiki',

+      },

+      {'url'  => 'docs/faq',

+       'txt'  => 'General FAQ',  

       },

       {'url'  => 'torbutton/torbutton-faq',

        'txt'  => 'Torbutton FAQ',

-              }]

-          }]

+      },

+      {'url'  => 'docs/faq-abuse',

+       'txt'  => 'Abuse FAQ',

+      },

+      {'url'  => 'docs/trademark-faq',

+       'txt'  => 'Trademark FAQ',

+      },

+      {'url'  => 'eff/tor-legal-faq',

+       'txt'  => 'Tor Legal FAQ',

+      },

+      {'url'  => 'eff/tor-dmca-response',

+       'txt'  => 'Tor DMCA Response',

+      },  

+  ];

 :>

@@ -12,271 +12,26 @@

 	<div id="maincol">  

     <!-- PUT CONTENT AFTER THIS TAG -->

-    <h2>Torbutton FAQ</h2>

+    <h2>Torbutton</h2>

     <hr>

-    <h3>Questions</h3>

-    <br>

-    <ul>

-    <li><a href="<page torbutton/torbutton-faq>#noflash">I can't view videos on YouTube and other flash-based sites. Why?</a></li>

-    <li><a href="<page torbutton/torbutton-faq>#oldtorbutton">Torbutton sure seems to do a lot of things, some of which I find annoying. Can't I just use the old version?</a></li>

-    <li><a href="<page torbutton/torbutton-faq>#noautocomplete">When I use Tor, Firefox is no longer filling in logins/search boxes for me. Why?</a></li>

-    <li><a href="<page torbutton/torbutton-faq>#thunderbird">What about Thunderbird support? I see a page, but it is the wrong version?</a></li>

-    <li><a href="<page torbutton/torbutton-faq>#extensionconflicts">Which Firefox extensions should I avoid using?</a></li>

-    <li><a href="<page torbutton/torbutton-faq>#recommendedextensions">Which Firefox extensions do you recommend?</a></li>

-    <li><a href="<page torbutton/torbutton-faq>#securityissues">Are there any other issues I should be concerned about?</a></li>

-    </ul>

-    <br>

-    

-    <a id="noflash"></a>

-    <strong><a class="anchor" href="#noflash">I can't view videos on YouTube and

-    other Flash-based sites. Why?</a></strong>

-    

-    <p>

-    YouTube and similar sites require third party browser plugins such as Flash.

-    Plugins operate independently from Firefox and can perform

-    activity on your computer that ruins your anonymity. This includes

-    but is not limited to: <a href="http://decloak.net">completely disregarding

-    proxy settings</a>, querying your <a

-    href="http://forums.sun.com/thread.jspa?threadID=5162138&messageID=9618376">local

-    IP address</a>, and <a

-    href="http://epic.org/privacy/cookies/flash.html">storing their own

-    cookies</a>. It is possible to use a LiveCD solution such as

-    or <a href="https://tails.boum.org/">The Amnesic Incognito Live System</a> that creates a

-    secure, transparent proxy to protect you from proxy bypass, however issues

-    with local IP address discovery and Flash cookies still remain.  </p>

-    

-    <p>

-    If you are not concerned about being tracked by these sites (and sites that

-    try to unmask you by pretending to be them), and are unconcerned about your

-    local censors potentially noticing you visit them, you can enable plugins by

-    going into the Torbutton Preferences->Security Settings

-    tab and unchecking "Disable browser plugins (such as Flash)" box. If you do this

-    without The Amnesic Incognito Live System or appropriate firewall

-    rules, we strongly suggest you at least use <a

-    href="https://addons.mozilla.org/en-US/firefox/addon/722">NoScript</a> to <a

-    href="http://noscript.net/features#contentblocking">block plugins</a>. You do

-    not need to use the NoScript per-domain permissions if you check the <b>Apply

-    these restrictions to trusted sites too</b> option under the NoScript Plugins

-    preference tab. In fact, with this setting you can even have NoScript allow

-    Javascript globally, but still block all plugins until you click on their

-    placeholders in a page. We also recommend <a

-    href="https://addons.mozilla.org/en-US/firefox/addon/6623">Better Privacy</a>

-    in this case to help you clear your Flash cookies.

-    </p>

-    

-    <a id="oldtorbutton"></a>

-    <strong><a class="anchor" href="#oldtorbutton">Torbutton sure seems to do a lot of things, some of which I find

-    annoying. Can't I just use the old version?</a></strong>

-    

-    <p>

-    

-    <b>No.</b> Use of the old version, or any other vanilla proxy changer

-    (including FoxyProxy -- see below) without Torbutton is actively discouraged.

-    Seriously. Using a vanilla proxy switcher by itself is so insecure that you are

-    not only just wasting your time, you are also actually endangering yourself.

-    <b>Simply do not use Tor</b> and you will have the same (and in some cases,

-    better) security.  For more information on the types of attacks you are exposed

-    to with a "homegrown" solution, please see <a

-    href="design/index.html.en#adversary">The Torbutton

-    Adversary Model</a>, in particular the <a

-    href="design/index.html.en#attacks">Adversary

-    Capabilities - Attacks</a> subsection. If there are any specific Torbutton

-    behaviors that you do not like, please file a bug on <a

-    href="https://trac.torproject.org/projects/tor/report/14">the

-    bug tracker.</a> Most of Torbutton's security features can also be disabled via

-    its preferences, if you think you have your own protection for those specific

-    cases.

-    

-    </p>

-    

-    <a id="noautocomplete"></a>

-    <strong><a class="anchor" href="#noautocomplete">When I use Tor, Firefox is no longer filling in logins/search boxes

-    for me. Why?</a></strong>

-    

-    <p>

-    Currently, this is tied to the "<b>Block history writes during Tor</b>"

-    setting. If you have enabled that setting, all formfill functionality (both

-    saving and reading) is disabled. If this bothers you, you can uncheck that

-    option, but both history and forms will be saved. To prevent history

-    disclosure attacks via Non-Tor usage, it is recommended you disable Non-Tor

-    history reads if you allow history writing during Tor.

-    </p>

-    

-    <a id="thunderbird"></a>

-    <strong><a class="anchor" href="#thunderbird">What about Thunderbird support? I see a page, but it is the wrong

-    version?</a></strong>

-    

-    <p>

-    The Tor plugin for Thunderbird is called <a href="https://trac.torproject.org/projects/tor/wiki/torbirdy">

-    TorBirdy</a>.

-    </p>

-    

-    <a id="extensionconflicts"></a>

-    <strong><a class="anchor" href="#extensionconflicts">Which Firefox extensions should I avoid using?</a></strong>

-    

-    <p>

-    This is a tough one. There are thousands of Firefox extensions: making a

-    complete list of ones that are bad for anonymity is near impossible. However,

-    here are a few examples that should get you started as to what sorts of

-    behavior are dangerous.

-    </p>

-    

-    <ol>

-     <li>StumbleUpon, et al

-     <p>

-     These extensions will send all sorts of information about the websites you

-     visit to the stumbleupon servers, and correlate this information with a

-     unique identifier. This is obviously terrible for your anonymity.

-     More generally, any sort of extension that requires registration, or even

-     extensions that provide information about websites you visit should be

-     suspect.

-     </p></li>

-     <li>FoxyProxy

-    <p>

-    While FoxyProxy is a nice idea in theory, in practice it is impossible to

-    configure securely for Tor usage without Torbutton. Like all vanilla third

-    party proxy plugins, the main risks are <a

-    href="http://www.decloak.net/">plugin leakage</a>

-    and <a href="http://ha.ckers.org/weird/CSS-history.cgi">history

-    disclosure</a>, followed closely by cookie theft by exit nodes and tracking by

-    adservers (see the <a href="design/index.html.en#adversary">Torbutton Adversary

-    Model</a> for more information). However, with Torbutton installed in tandem

-    and always enabled, it is possible to configure FoxyProxy securely (though it

-    is tricky). Since FoxyProxy's 'Patterns' mode only applies to specific urls,

-    and not to an entire tab, setting FoxyProxy to only send specific sites

-    through Tor will still allow adservers (whose hosts don't match your filters) to learn your real IP. Worse, when

-    sites use offsite logging services such as Google Analytics, you will

-    still end up in their logs with your real IP. Malicious exit nodes can also

-    cooperate with sites to inject images into pages that bypass your filters.

-    Setting FoxyProxy to only send certain URLs via Non-Tor is much more secure in

-    this regard, but be very careful with the filters you allow. For example,

-    something as simple as allowing *google* to go via Non-Tor will still cause you to end up

-    in all the logs of all websites that use Google Analytics!  See

-    <a href="http://foxyproxy.mozdev.org/faq.html#privacy-01">this question</a> on

-    the FoxyProxy FAQ for more information.

-     </p></li>

-    </ol>

-    

-    <a id="recommendedextensions"></a>

-    <strong><a class="anchor" href="#recommendedextensions">Which Firefox extensions do you recommend?</a></strong>

-    <ol>

-     <li><a href="https://addons.mozilla.org/firefox/addon/953">RefControl</a>

-    	<p>

-    Mentioned above, this extension allows more fine-grained referrer spoofing

-    than Torbutton currently provides. It should break less sites than Torbutton's

-    referrer spoofing option.</p></li>

-    

-     <li><a href="https://addons.mozilla.org/firefox/addon/1474">SafeCache</a>

     <p>

-    If you use Tor excessively, and rarely disable it, you probably want to

-    install this extension to minimize the ability of sites to store long term

-    identifiers in your cache. This extension applies same origin policy to the

-    cache, so that elements are retrieved from the cache only if they are fetched

-    from a document in the same origin domain as the cached element.

-    </p></li>

-    

-     <li><a href="https://addons.mozilla.org/en-US/firefox/addon/6623">Better

-    Privacy</a>

-     <p>

-    

-    Better Privacy is an excellent extension that protects you from cookies used

-    by Flash applications, which often persist forever and are not clearable via

-    normal Firefox "Private Data" clearing. Flash and all other plugins are

-    disabled by Torbutton by default, but if you are interested in privacy, you

-    may want this extension to allow you to inspect and automatically clear your

-    Flash cookies for your Non-Tor usage.

-    

+    Torbutton is the component in <a href="<page projects/torbrowser>">Tor

+    Browser Bundle</a> that takes care of application-level

+    security and privacy concerns in Firefox.  To keep you safe,

+    Torbutton disables many types of active content.

     </p>

-     </li>

-     <li><a href="https://addons.mozilla.org/firefox/addon/1865">AdBlock Plus</a>

-     <p>

-    

-    AdBlock Plus is an excellent addon for removing annoying, privacy-invading,

-    and <a

-    href="http://www.wired.com/techbiz/media/news/2007/11/doubleclick">malware-distributing</a>

-    advertisements from the web. It provides

-    <a href="http://adblockplus.org/en/subscriptions">subscriptions</a> that are

-    continually updated to catch the latest efforts of ad networks to circumvent

-    these filters. I recommend the EasyPrivacy+EasyList combination filter

-    subscription in the Miscellaneous section of the subscriptions page.

-     </p>

-    </li> 

-    <li><a href="https://addons.mozilla.org/firefox/addon/82">Cookie Culler</a>

     <p>

-    

-    Cookie Culler is a handy extension to give quick access to the cookie manager

-    in Firefox. It also provides the ability to protect certain cookies from

-    deletion, but unfortunately, this behavior does not integrate well with Torbutton.

-    

+    Now that the <a href="<page projects/torbrowser>">Tor Browser

+    Bundle</a> includes a patched version of Firefox, and because we don't

+    have enough developer resources to keep up with the accelerated

+    Firefox release schedule, the toggle model of Torbutton is <a

+    href="https://blog.torproject.org/blog/toggle-or-not-toggle-end-torbutton">no

+    longer supported</a>. <b>Users should be using Tor Browser Bundle,

+    not installing Torbutton themselves.</b>

     </p>

-     </li>

-    

-     <li><a href="https://addons.mozilla.org/en-US/firefox/addon/722">NoScript</a>

-     <p>

-     Torbutton currently mitigates all known anonymity issues with Javascript.

-     However, if you are concerned about Javascript exploits against your browser

-     or against websites you are logged in to, you may want to use NoScript. It

-     provides the ability to allow Javascript only for particular websites

-     and also provides mechanisms to force HTTPS urls for sites with

-    <a href="http://fscked.org/category/tags/insecurecookies">insecure

-     cookies</a>.<br>

-     It can be difficult to configure such that the most sites will work

-     properly though. In particular, you want to make sure you do not remove

-     the Javascript whitelist for

-     addons.mozilla.org, as extensions are downloaded via http and verified by

-     javascript from the https page.

-    

-     </p></li>

-     <li><a href="https://addons.mozilla.org/en-US/firefox/addon/9727/">Request

-    Policy</a>

-     <p>

-    

-    Request Policy is similar to NoScript in that it requires that you configure

-    which sites are allowed to load content from other domains. It can be very

-    difficult for novice users to configure properly, but it does provide a good

-    deal of protection against ads, injected content, and cross-site request

-    forgery attacks.

-    

-     </p>

-     </li>

-    

-    </ol>

-    

-    <a id="securityissues"></a>

-    <strong><a class="anchor" href="#securityissues">Are there any other issues I should be concerned about?</a></strong>

-    

-    <p>

-    There are a few known security issues with Torbutton (all of which are due to

-    <a href="design/index.html.en#FirefoxBugs">unfixed

-    Firefox security bugs</a>). The most important for anonymity is that it is

-    possible to unmask the javascript hooks that wrap the Date object to conceal

-    your timezone in Firefox 2, and the timezone masking code does not work at all

-    on Firefox 3. We are working with the Firefox team to fix one of <a

-    href="https://bugzilla.mozilla.org/show_bug.cgi?id=392274">Bug 399274</a> or

-    <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=419598">Bug 419598</a>

-    to address this. In the meantime, it is possible to set the <b>TZ</b>

-    environment variable to <b>UTC</b> to cause the browser to use UTC as your

-    timezone. Under Linux, you can add an <b>export TZ=UTC</b> to the

-    /usr/bin/firefox script, or edit your system bashrc to do the same. Under

-    Windows, you can set either a <a

-    href="http://support.microsoft.com/kb/310519">User or System Environment

-    Variable</a> for TZ via My Computer's properties. In MacOS, the situation is

-    <a

-    href="http://developer.apple.com/documentation/MacOSX/Conceptual/BPRuntimeConfig/Articles/EnvironmentVars.html#//apple_ref/doc/uid/20002093-BCIJIJBH">a

-    lot more complicated</a>, unfortunately.

-    </p>

-    

-    <p>

-    In addition, RSS readers such as Firefox Livemarks can perform

-    periodic fetches. Due to <a

-    href="https://bugzilla.mozilla.org/show_bug.cgi?id=436250">Firefox Bug

-    436250</a>, there is no way to disable Livemark fetches during Tor. This can

-    be a problem if you have a lot of custom Livemark urls that can give away

-    information about your identity.

-    </p>

     </div>

   <!-- END MAINCOL -->

   <div id = "sidecol">

@@ -12,255 +12,25 @@

 	<div id="maincol">  

     <!-- PUT CONTENT AFTER THIS TAG -->

-    <h2>Torbutton Options</h2>

+    <h2>Torbutton</h2>

     <hr>

-    <p>Torbutton 1.2.0 adds several new security features to protect your

-    anonymity from all the major threats we know about. The defaults should be

-    fine (and safest!) for most people, but in case you are the tweaker type,

-    or if you prefer to try to outsource some options to more flexible extensions,

-    here is the complete list. (In an ideal world, these descriptions should all be

-    tooltips in the extension itself, but Firefox bugs <a

-    href="https://bugzilla.mozilla.org/show_bug.cgi?id=45375">45375</a> and <a

-    href="https://bugzilla.mozilla.org/show_bug.cgi?id=218223">218223</a> currently

-    prevent this.)</p>

-    

-    <ul>

-     <li>Disable plugins on Tor Usage (crucial)<p> 

-    

-      This option is key to Tor security. Plugins perform their own networking

-    independent of the browser, and many plugins only partially obey even their own

-    proxy settings.

-    </p></li>

-      <li>Isolate Dynamic Content to Tor State (crucial)<p> 

-    

-      Another crucial option, this setting causes the plugin to disable Javascript

-      on tabs that are loaded during a Tor state different than the current one,

-      to prevent delayed fetches of injected URLs that contain unique identifiers,

-      and to prevent meta-refresh tags from revealing your IP when you turn off

-      Tor. It also prevents all fetches from tabs loaded with an opposite Tor

-      state. This serves to block non-Javascript dynamic content such as CSS

-      popups from revealing your IP address if you disable Tor.

-    </p></li>

-      <li>Hook Dangerous Javascript (crucial)<p> 

-    

-    This setting enables the Javascript hooking code. Javascript is injected into

-    pages to hook the Date object to mask your timezone, and to hook the navigator

-    object to mask OS and user agent properties not handled by the standard

-    Firefox user agent override settings.

-    </p></li>

-      <li>Resize window dimensions to multiples of 50px on toggle (recommended)<p> 

-    

-    To cut down on the amount of state available to fingerprint users uniquely, 

-    this pref causes windows to be resized to a multiple of 50 pixels on each

-    side when Tor is enabled and pages are loaded.

-    </p></li>

-      <li>Disable Updates During Tor (recommended)<p> 

-    

-    Under Firefox 2, many extension authors did not update their extensions from 

-    SSL-enabled websites. It is possible for malicious Tor nodes to hijack these extensions and replace them with malicious ones, or add malicious code to 

-    existing extensions. Since Firefox 3 now enforces encrypted and/or

-    authenticated updates, this setting is no longer as important as it once

-    was (though updates do leak information about which extensions you have, it is

-    fairly infrequent).

-    </p></li>

-      <li>Disable Search Suggestions during Tor (optional)<p> 

-    

-    This optional setting governs if you get Google search suggestions during Tor

-    usage. Since no cookie is transmitted during search suggestions, this is a

-    relatively benign behavior.

-    </p></li>

-      <li>Block Livemarks updates during Tor usage (recommended)<p> 

-    

-    This setting causes Torbutton to disable your <a

-    href="http://www.mozilla.com/firefox/livebookmarks.html">Live bookmark</a>

-    updates. Since most people use Live bookmarks for RSS feeds from their blog,

-    their friends' blogs, the wikipedia page they edit, and other such things,

-    these updates probably should not happen over Tor. This feature takes effect

-    in Firefox 3.5 and above only.

-    

-    </p></li>

-      <li>Block Tor/Non-Tor access to network from file:// urls (recommended)<p> 

-    

-    These settings prevent local html documents from transmitting local files to

-    arbitrary websites <a href="http://www.gnucitizen.org/blog/content-disposition-hacking/">under Firefox 2</a>. Since exit nodes can insert headers that

-    force the browser to save arbitrary pages locally (and also inject script into

-    arbitrary html files you save to disk via Tor), it is probably a good idea to

-    leave this setting on.

-    </p></li>

-      <li>Close all Non-Tor/Tor windows and tabs on toggle (optional)<p> 

-    

-    These two settings allow you to obtain a greater degree of assurance that

-    after you toggle out of Tor, the pages are really gone and can't perform any

-    extra network activity. Currently, there is no known way that pages can still

-    perform activity after toggle, but these options exist as a backup measure

-    just in case a flaw is discovered. They can also serve as a handy 'Boss

-    Button' feature for clearing all Tor browsing off your screen in a hurry.

-    </p></li>

-      <li>Isolate access to history navigation to Tor state (crucial)<p> 

-    

-    This setting prevents both Javascript and accidental user clicks from causing

-    the session history to load pages that were fetched in a different Tor state

-    than the current one. Since this can be used to correlate Tor and Non-Tor

-    activity and thus determine your IP address, it is marked as a crucial 

-    setting.

-    </p></li>

-      <li>Block History Reads during Tor (crucial)<p> 

-    

-      Based on code contributed by <a href="http://www.collinjackson.com/">Collin

-      Jackson</a>, when enabled and Tor is enabled, this setting prevents the

-    rendering engine from knowing if certain links were visited.  This mechanism

-    defeats all document-based history disclosure attacks, including CSS-only

-    attacks.

-    </p></li>

-      <li>Block History Reads during Non-Tor (recommended)<p> 

-    

-      This setting accomplishes the same but for your Non-Tor activity.

-    </p></li>

-      <li>Block History Writes during Tor (recommended)<p> 

-    

-      This setting prevents the rendering engine from recording visited URLs, and

-    also disables download manager history. Note that if you allow writing of Tor history,

-    it is recommended that you disable non-Tor history reads, since malicious

-    websites you visit without Tor can query your history for .onion sites and

-    other history recorded during Tor usage (such as Google queries).

-    </p></li>

-      <li>Block History Writes during Non-Tor (optional)<p> 

-    

-    This setting also disables recording any history information during Non-Tor

-    usage.

-    </p></li>

-    <li>Clear History During Tor Toggle (optional)<p> 

-    

-      This is an alternate setting to use instead of (or in addition to) blocking

-    history reads or writes.

-    </p></li>

-      <li>Block Password+Form saving during Tor/Non-Tor<p> 

-    

-      These options govern if the browser writes your passwords and search

-      submissions to disk for the given state.

-    </p></li>

-      <li>Block Tor disk cache and clear all cache on Tor Toggle<p> 

-    

-      Since the browser cache can be leveraged to store unique identifiers, cache

-    must not persist across Tor sessions. This option keeps the memory cache active

-    during Tor usage for performance, but blocks disk access for caching.

-    </p></li>

-      <li>Block disk and memory cache during Tor<p> 

-    

-      This setting entirely blocks the cache during Tor, but preserves it for

-    Non-Tor usage.

-    </p></li>

-      <li>Clear Cookies on Tor Toggle<p> 

-    

-      Fully clears all cookies on Tor toggle.

-    </p></li>

-      <li>Store Non-Tor cookies in a protected jar<p> 

-    

-      This option stores your persistent Non-Tor cookies in a special cookie jar

-      file, in case you wish to preserve some cookies. Based on code contributed

-      by <a href="http://www.collinjackson.com/">Collin Jackson</a>. It is

-      compatible with third party extensions that you use to manage your Non-Tor

-      cookies. Your Tor cookies will be cleared on toggle, of course.

-    </p></li>

-      <li>Store both Non-Tor and Tor cookies in a protected jar (dangerous)<p> 

-    

-      This option stores your persistent Tor and Non-Tor cookies 

-      separate cookie jar files. Note that it is a bad idea to keep Tor

-      cookies around for any length of time, as they can be retrieved by exit

-      nodes that inject spoofed forms into plaintext pages you fetch.

-    </p></li>

-      <li>Manage My Own Cookies (dangerous)<p> 

-    

-      This setting allows you to manage your own cookies with an alternate

-    extension, such as <a href="https://addons.mozilla.org/firefox/addon/82">CookieCuller</a>. Note that this is particularly dangerous,

-    since malicious exit nodes can spoof document elements that appear to be from

-    sites you have preserved cookies for (and can then do things like fetch your

-    entire gmail inbox, even if you were not using gmail or visiting any google

-    pages at the time!).

-    </p></li>

-      <li>Do not write Tor/Non-Tor cookies to disk<p> 

-    

-      These settings prevent Firefox from writing any cookies to disk during the

-      corresponding Tor state. If cookie jars are enabled, those jars will

-      exist in memory only, and will be cleared when Firefox exits.

-    </p></li>

-      <li>Disable DOM Storage during Tor usage (crucial)<p> 

-    

-      Firefox has recently added the ability to store additional state and

-      identifiers in persistent tables, called <a

-      href="http://developer.mozilla.org/docs/DOM:Storage">DOM Storage</a>.

-      Obviously this can compromise your anonymity if stored content can be

-      fetched across Tor-state.

-    </p></li>

-      <li>Clear HTTP auth sessions (recommended)<p> 

-    

-      HTTP authentication credentials can be probed by exit nodes and used to both confirm that you visit a certain site that uses HTTP auth, and also impersonate you on this site. 

-    </p></li>

-      <li>Clear cookies on Tor/Non-Tor shutdown<p> 

-    

-      These settings install a shutdown handler to clear cookies on Tor

-    and/or Non-Tor browser shutdown. It is independent of your Clear Private Data

-    settings, and does in fact clear the corresponding cookie jars.

-    </p></li>

-      <li>Prevent session store from saving Tor-loaded tabs (recommended)<p> 

-    

-      This option augments the session store to prevent it from writing out

-      Tor-loaded tabs to disk. Unfortunately, this also disables your ability to 

-      undo closed tabs. The reason why this setting is recommended is because

-      after a session crash, your browser will be in an undefined Tor state, and

-      can potentially load a bunch of Tor tabs without Tor. The following option

-      is another alternative to protect against this.

-    </p></li>

-      <li>On normal startup, set state to: Tor, Non-Tor, Shutdown State<p> 

-    

-      This setting allows you to choose which Tor state you want the browser to

-      start in normally: Tor, Non-Tor, or whatever state the browser shut down in.

-    </p></li>

-      <li>On crash recovery or session restored startup, restore via: Tor, Non-Tor<p> 

-    

-      When Firefox crashes, the Tor state upon restart usually is completely

-      random, and depending on your choice for the above option, may load 

-      a bunch of tabs in the wrong state. This setting allows you to choose

-      which state the crashed session should always be restored in to.

-    </p></li>

-      <li>Prevent session store from saving Non-Tor/Tor-loaded tabs<p> 

-    

-      These two settings allow you to control what the Firefox Session Store

-      writes to disk. Since the session store state is used to automatically

-      load websites after a crash or upgrade, it is advisable not to allow

-      Tor tabs to be written to disk, or they may get loaded in Non-Tor

-      after a crash (or the reverse, depending upon the crash recovery setting, 

-      of course).

-    </p></li>

-      <li>Set user agent during Tor usage (crucial)<p> 

-    

-      User agent masking is done with the idea of making all Tor users appear

-    uniform. A recent Firefox 2.0.0.4 Windows build was chosen to mimic for this

-    string and supporting navigator.* properties, and this version will remain the

-    same for all TorButton versions until such time as specific incompatibility

-    issues are demonstrated. Uniformity of this value is obviously very important

-    to anonymity. Note that for this option to have full effectiveness, the user

-    must also allow Hook Dangerous Javascript ensure that the navigator.*

-    properties are reset correctly.  The browser does not set some of them via the

-    exposed user agent override preferences.

-    </p></li>

-      <li>Spoof US English Browser<p> 

-    

-    This option causes Firefox to send http headers as if it were an English

-    browser. Useful for internationalized users.

-    </p></li>

-      <li>Don't send referrer during Tor Usage<p> 

-    

-    This option disables the referrer header, preventing sites from determining

-    where you came from to visit them. This can break some sites, however. <a

-    href="http://www.digg.com">Digg</a> in particular seemed to be broken by this.

-    A more streamlined, less intrusive version of this option should be available

-    eventually. In the meantime, <a

-    href="https://addons.mozilla.org/firefox/addon/953">RefControl</a> can

-    provide this functionality via a default option of <b>Forge</b>.

-    </p></li>

-    </ul>

+    <p>

+    Torbutton is the component in <a href="<page projects/torbrowser>">Tor

+    Browser Bundle</a> that takes care of application-level

+    security and privacy concerns in Firefox.  To keep you safe,

+    Torbutton disables many types of active content.

+    </p>

+  

+    <p>

+    Now that the <a href="<page projects/torbrowser>">Tor Browser

+    Bundle</a> includes a patched version of Firefox, and because we don't

+    have enough developer resources to keep up with the accelerated

+    Firefox release schedule, the toggle model of Torbutton is <a

+    href="https://blog.torproject.org/blog/toggle-or-not-toggle-end-torbutton">no

+    longer supported</a>. <b>Users should be using Tor Browser Bundle,

+    not installing Torbutton themselves.</b>

+    </p>

     </div>

   <!-- END MAINCOL -->

   <div id = "sidecol">