Security notes

From JonDonym Wiki
Jump to: navigation, search

En2.png De2.png  Main Page (en) | Information for JonDonym users

Contents

Security notes for anonymous web surfing

General notes about secure and anonymous web surfing

If you are surfing the web via JonDo using JonDoFox, your IP address and the characteristics of your browser are anonymized. But you should in any case pay attention to the following notes while surfing, because otherwise JonDonym is not able to protect you:

  • If it is possible, enter personal data on web sites only if they are secured by HTTPS. JonDoFox shows for these sites a blue or green bar within the address bar.
  • If it is possible, enter your correct personal data only if you want to order some physical product. In all the other cases you should use imagined identities and do not use login names more than once.
  • Use different, randomly generated and preferably long passwords for each web service. You may use password programs like KeePass, in order to generate identities and passwords automatically and save them securely.
  • Avoid Flash and Java applications. Download web videos instead of viewing them directly in your browser.
  • For most attacs from the web modified PDF documents are used. Do not have displayed pdf-documents in your browser. Use an external application like the PDF viewers recommeded by PDFreaders.org. Time by time these viewers have security bugs too. Keep your reader up-to-date.
  • Do not use Adobe Acrobat or if you have to use it, respect the security nodes settings of your Acrobat Reader.
  • Allow JavaScript only if you need it necessarily.
  • Allow cookies just temporarily. Do not use Google search if you have accepted cookies for Googlemail.

EMET

The EMET tool allows to reduce risks of MS applications.

Download EMET

Optimize Foxit PDF Reader security

Download PDF Foxit Reader: FOXIT-PDF-READER

Disable JavaScript

Enable Trust Manager

Disable Create Link from URL and Screen word-capturing

Secure PDF documents: harden Adobe Acrobat against attacks

Using Edit->Preferences (key combination: Ctl+K), you should disable various functions of your Adobe Reader in order to secure it against hackers.

Multimedia Trust must not be allowed (prevents direct IP connections):

Adobe multimedia.png

JavaScript must be deactivated (prevents hacker attacks):

Adobe javascript.png

Internet: Forbid displaying PDFs in the browser (prevents direct IP connections):

Adobe internet.png

Trust Manager: Forbid to open external applications (prevents hacker attacks)

Acrobat executable en.png

Personal tools