Stable Torbutton Release Approaches
For those of you just tuning in: Over the past year, I have been the maintainer of the Torbutton Firefox extension, adding a number of features and security enhancements to transform Torbutton from a simple proxy switcher into a secure way to fully isolate all browser state from one proxy state to another and defend against all known privacy and IP address leakage attacks.
The release candidate phase of the extension started about a month ago, but with the release of Firefox 3 and Torbutton 1.2.0rc series occurring at the same time, we've hit a number of unexpected rough spots and snags. However, with the 1.2.0rc5 release of Torbutton, I'm pleased to report that the majority of those now seem to be behind us (a few annoying Firefox bugs notwithstanding).
Thanks to contributions from arno, the Cookie Jar features now work with Firefox 3. They have even been improved to allow cookies to persist in memory-based jars across Tor toggle (as opposed to requiring Tor cookies to be written to disk to preserve them), which I personally already find very useful.
In addition, Torbutton is now much better about preserving users' custom Firefox preferences, including password and form fill preferences. Amusingly, the fact that we touch these preferences to protect users during Tor usage led to wild speculation on the addons.mozilla.org page that we were using them to steal passwords and send user details to Alexa. Of course, simply grepping the source code for 'Alexa' and related IP addresses proves this to be false, but that didn't stop at least three people (or at least three sock puppets) from running with the rumor that Torbutton is a password stealer. Ignorance sure is contagious.
At any rate, after over a year since development began, it looks like we're finally getting really close to declaring Torbutton 1.2.0 'stable', which should coincide nicely with the upcoming Tor 0.2.0 stable release and bundles. It's been a long road!
Comments
Please note that the comment area below has been archived.
Thanks! Useful button. Does
Thanks! Useful button. Does it works with Firefox 2.0.0.15?
Yes.
Yes. Both Firefox 2.0 and 3.0 are supported.
Does it work with Thunderbird ?
Thanks, Torbutton is really useful for non-technical users of Firefox.
However, what about Thunderbird, is it supported or not ?
I tried to install the extension from
https://addons.mozilla.org/en-US/thunderbird/addon/2275
The page says it's Thunderbird extension but Thunderbird 2.0.0.14 refuses to install it because it is incompatible.
addons.mozilla.org is a bit janky
I have no idea how that Thunderbird page was created. Well, I do have an idea how it was created, but I don't know why it still exists. Torbutton used to support basic proxy switching on Thunderbird back in the 1.0 days, but that support has been removed because it has not been analyzed for security. My developer tools page on addons.mozilla.org clearly lists Firefox support only, so I don't know why they didn't delete that Thunderbird listing.
I am not a Thunderbird user and unfortunately, I don't have time to analyze the security issues involved with toggling proxy settings in that app. It likely suffers from similar (but not identical) state and proxy leak issues with html mail, embedded images, javascript, plugins and automatic network access. My recommendation is to create a completely separate Thunderbird profile for your Tor accounts and use that instead of trying to toggle proxy settings. But if you really like to roll fast and loose with your IP, you could try another proxy switcher like ProxyButton, SwitchProxy or FoxyProxy (if any of those happen to support thunderbird).
Blocking IPs in tor
Hi, how do i block unwanted IPs in TOR. Some one the tor nodes are malicious, they are injecting ActiveX in HTML code and modifies the data.
How do I block IPs doing this?
re: Blocking IPs in tor
Find the exit node and put it in "exclude nodes" in your torrc file.
However, you shouldn't be using a browser that honors activex through Tor. Your anonymity can be compromised through activex.
ExcludeNodes nick,nick,nick,n
ExcludeNodes
nick,nick,nick,nick,nick
TOR won't start when I write this in my torrc. Is there other way to write it or can I block whole countries? Like in this one; http://archives.seul.org/or/talk/Jul-2006/msg00079.html
Im running Windows btw.
exclude nodes
There isn't an easy way to do this in windows. In linux distros, there's tork.
Easier to block
Easier to block with.
ReachableAddresses reject x.x.x.x/16:*,accept *:80,accept *:443,reject *:*
is there somebody else who
is there somebody else who experienced this bug...?
I can´t uninstall
the program leaves xp-install/unistall-window but remain in the tray and keep sending up configuration-window.
how can I get rid of this version? (experimental vers)
I want the stable version instead...
best regards
mike
I can´t uninstall-problem solved!!
problem solved!
did manage to uninstall at last...
best regards
mike
ughhh
I can't figure out how to submit when I have tor enabled. My form buttons don't work. I can't check email or anything.
Router Login continuously reloads "Status Webpage" only.
Router Login continuously reloads "Status Webpage" only.
Temporary Solution: Disable both Torbutton and Firebug Plug-in extensions.
Can someone please explain why these two plug-in extensions cause the Dlink router status webpage to continuously reload? Is this a Dlink, Firefox or plug-in extension issue here?
It sounds like it's a dlink
It sounds like it's a dlink issue.
uninstall problem?
Hi ,I recently installed the stable download for windows xp but after I realised I had to use firefox I uninstalled it .Due to the recent net security flaw scare about network vulnerability I went on Doxpara and tested my system to see if my provider was patched and it keeps coming up with toorrr.com is trying to gain access to my ports ...is that you guys? could there be still remnants of the program on my pc after uninstall.
that's not us. It's the
that's not us. It's the domain Kaminsky used to test your dns.
Torbutton uninstalled: Cookies Still Not Accepted
Have uninstalled not just torbutton but all the related TOR suite, yet Mozilla Firefox still won't accepted needed cookies for such things as gmail. All the correct preferences in Mozilla for cookies are checked. Mozilla now twice reinstalled. Even Did a p[re-TOR System Restore. Cookies still not accepted.
Have switched back to IE, but would prefer Mozilla.
Any help appreciated.
check your settings
have you tried changing your cookie preferences?