lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri Jun  9 18:33:44 2006
From: kyphros at gmail.com (Mike Owen)
Subject: Re: blocking tor is not the right way forward.
	It may just be the right way backward.

On 6/9/06, Cardoso <cardosolistas@...traditorium.com> wrote:
>
> Most websites rely on cookies, sessions and javascript. If a user can't
> live with that, I'm very sorry but there's nothing I can do.
>

Actually, no, most websites don't. I use a deny by default cookie
policy, and NoScript, and nearly every single website I visit works. I
need to enable session cookies when I'm buying something online, but
JavaScript is rare that I ever need to enable it for a site.

> Same about corporate networks where people way high on the food chain
> demand full access, no firewall control or even transparent filtering.
>

If you have that kind of problem where you work, you need to work on
more education and security awareness. Where I am, we force all
outbound traffic through a proxy, and everyone including the oh so
precious C level goes through it.

Mike

Powered by blists - more mailing lists