InformAction Forums

I use NoScript with anonymity proxies.

What value should noscript.proxiedDNS be set to in order to avoid DNS leaks?

0 is the most restrictive setting, it means that NoScript won't attempt any DNS resolution if the connection is proxied.
1 prevent direct DNS resolution if you're using a SOCK5 proxy
2 performs DNS requests when needed, regardless the proxy settings

Default is 0, so you don't need to change anything.

Thanks!

P.S. What happened with noscript.canonicalFQDN ?

https://www.jondos.de/en/node/1586

Guest wrote:P.S. What happened with noscript.canonicalFQDN ?

It works only if NoScript can perform DNS queries (i.e. you're not proxied).

I know it is not directly related to the topic and apologize in advance but what proxy do you use? I have heard good things about thor and also horror stories about instabilities and so on, any ideas?

Thanks for answers.

GµårÐïåñ wrote:I know it is not directly related to the topic and apologize in advance but what proxy do you use? I have heard good things about thor and also horror stories about instabilities and so on, any ideas?

I switch between Tor, AN.ON, and i2p.

I have never heard of a proxy named thor, but maybe you meant Tor.

Tor is very good at providing anonymity because it uses circuits of multiple nodes with layered encryption, so as to prevent any single node from knowing the complete path of your packets. Tor nodes are run by volunteers, which adds unpredictability but also means that there can be malicious nodes. Since Tor cannot magically encrypt traffic from the exit node to the website you are visiting, it is not a good idea to send sensitive data like passwords over Tor unless the connection to the website is encrypted. Even then, SSL is rather broken due to MD5 collision attacks.
http://www.win.tue.nl/hashclash/rogue-ca/

Besides that, the browser must be properly configured, since plugins will usually ignore the browser's proxy settings and a skilled attacker might use a JavaScript buffer overflow to install a spyware. You also need to configure the browser to avoid DNS leaks.

Tor is sometimes slow and sometimes fast. This is because it makes circuits of random volunteer run nodes, some of which are underloaded and some of which are overloaded. Paper on why Tor is slow and what the Tor developers plan to do about it:
http://git.torproject.org/checkout/tor/ ... rmance.pdf

Thanks for the reply, I meant tor, it was a typo. Thanks for the information, I was aware of the technical aspects, just wanted to know the personal feedback aspect of what you thought. Thank you.