Yes, I know that this forum is about crypto-stuff, but those who are using strong encryption should be very careful about what is happening when their data is clear.-
Situation:
My (new) router needs javascript and preferes Mozilla, so I installed firefox with bad feelings.
Privoxy-proxy was disabled in firefox and it was used only for that crappy router.
All configurable settings EXPLICITLY DISALLOW any updating (ask what to do, instead) and, of course, the startpage was that from the router, not from mozilla.
When fighting with shitty-xine, suddenly and without any question, firefox fetched or
transfered something to or from the internet and a short message said something from
"upgrading". Because the local-proxy was disabled for the local router, no log was used.
This is especially suspicious, because I just made all updates for my subdistri short ago.
I am deinstalling firefox now, as I can make a router-workaround in konqueror.
Another warning about user-agent-transmitting in Netscape clones:
I realized years ago in netscape 4.7-or-so, that deleting the user-agent-string
somewhere in netscape really forbid the transmission of the user-agent in normal-use,
but when a ssl-request is initiated from the webside another user-agent from another
netscape-program-location is transmitting the user-agent-string !
After searching and deleting that second user-agent-string with hexedit, that rat-hole
was filled; this still maybe the case today.
How did I checked the transmission of user-agent-string via ssl ?
I made an email-account at safe-mail.net and looked in the log-area of my own last-login.
Ideas of making a logfile for, at least, all that is send via what-ever-protocol towards
the internet ????
Even debian is not free of shitware......
stay aware, stay awake, stay alive, Reverend
-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/
