> On 12/12/11 7:00 AM, Chris wrote: >> I have a few problems with the TBB. >> >> 1. It isn't in a repository. For security reasons this should be >> changed. >> >> 2. It merges polipo/Tor together with everything else when Tor should be >> run as a separate user with an unrestricted Internet connection while >> the >> user should run Firefox (with appropriate settings) under a restricted >> user account with no direct Internet. > > IMHO the "Starter" of the TBB should be much more intelligent by > providing: > > a) decompression of TBB > b) splash logo with progress-bar > c) app-level jailing of various application > > > For point "c" i mean providing a sort of "app-armor" or "*osx" sandbox > system but at application level with library preloading, directly > managing the security profile from the starter. > > That way it could be much portable the "application security" of the > system. > > -naif
I'd agree. I think it should be taken a step farther even and a distribution should be produced around it. If you simply install TBB on a PC you are going to be leaking activities to disk and potentially doing other things as well. Accidents for instance such as: printing a web page (possibly unknowingly- possibly to a network printer- possibly to a work printer, possibly out of paper, you may not even realize it), or running the wrong browser and not noticing. If you are forced to boot off an external medium that is a secured environment this is unlikely to occur. _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
