I havesome questions about addons seeming very usefull ti me. But I don't know if I can without any problem add them to the jodofox profile:


1) Secure Sanitizer: When closing the session, it doesn't delete but wipe (DoD 3 passes) history, cookies, etc.
https://addons.mozilla.org/en-US/firefo ... sanitizer/

Does Jondofox progfile do the same thing (ie wiping datas on exit, not only deleting them) .



2) Anonymizer Nevercookies, an addon devoted to fight against the plague of ever/zombies/super cookies. It requires private browsing enabled to work (what Jondo Team doesn't generally recommand), but tests done on samy's site was conclusive.

Strangely when using it (with private mode enabled) a random-named FF profile is added to my list of FF profile, and remained in it when I restart FF.

https://www.pcworld.com/downloads/file/ ... ption.html

http://arstechnica.com/web/news/2010/09 ... reness.ars

http://samy.pl/evercookie/


Have you planed something agains "evercookies" ?

JonDoFox is blocking most features used by Samys "Evercookies".


Only one new feature is working, if Javascript was enabled. We are working on this issue:

The HTTP Auth feature is under development for Samys "Evercookie" but already secured by JonDoFox.

In fact, JonDoFox protects against this. YOu see this by leaving the site and coming back. Samy's test is not able to recognize this, but our IP check does.

Thanks for your fast and detailed answer about nevercookies.



But, what about about my first question concerning the addon secure sanitizer ? I prefer when my private session data are wiped than only deleted (and so recoverablle by some tools).

But at the same time, I wan't damage my JonDoFox profile.

So, is it cautious and secure to use secure sanitizer with JD profile ? If not, does JD profile wipe selected session datas at the end of the session, and if not, have you some plan for that ? Is it on tour "to do" list ?

I can't say somethink about "secure sanitizer" at the moment. We will have a look. But may be, it will take some time.

Sorry-but this is overkill!
you only need to write over old info once(zeros or something else)and_nobody_is abel to recover anything.
That you have to write more then once is an old myth but not true!
Check it by urself with any forensic tool-u'll never get something back.

I looked at the code and yes, there is no problem using this add-on with JonDoFox. BUT: I would not do it as it is actually not very useful. First, it seems not to be developed anymore and may only be used in FF up to 3.6. Second, as the former post already said: overwriting a file 3 times is not necessary. Third, I would say if you do not encrypt your home partition and someone gets your computer you probably have more trouble than not properly deleted cache files but if you are encrypting your home partition then there should be only a minimal risk (if risk at all) that these cache files pose. Thus, in order to reduce complexity I would suggest to not use this add-on.

We currently clear the cache at session end and do not plan to implement such kind of wiping the cache file(s).