JonDoFox sources

From JonDonym Wiki
(Difference between revisions)
Jump to: navigation, search
 
(One intermediate revision by one user not shown)
Line 12: Line 12:
 
If your svn client complains about our self-signed certificate you may compare the SHA1 fingerprints to make sure you download our sources. The SHA1-fingerprint of our certificate is:  
 
If your svn client complains about our self-signed certificate you may compare the SHA1 fingerprints to make sure you download our sources. The SHA1-fingerprint of our certificate is:  
  
1f:b4:87:54:12:ea:0d:2b:76:34:a9:d4:fb:d9:00:7b:d9:f2:4d
+
93:82:7d:96:6a:bf:0e:72:88:d2:90:6d:af:e1:a4:e1:11:00:67:7b
  
 
Afterwards change the directory to ''trunk'' and run the appropriate shellscript:
 
Afterwards change the directory to ''trunk'' and run the appropriate shellscript:
Line 23: Line 23:
  
 
The source of the documentation may be found [https://secure-proxy-howto.anonymous-proxy-servers.net/download/JonDoFoxDokumentation.tex here], a compiled .pdf may be found [https://secure-proxy-howto.anonymous-proxy-servers.net/download/JonDoFoxDokumentation.pdf here] (currently only an old german version).
 
The source of the documentation may be found [https://secure-proxy-howto.anonymous-proxy-servers.net/download/JonDoFoxDokumentation.tex here], a compiled .pdf may be found [https://secure-proxy-howto.anonymous-proxy-servers.net/download/JonDoFoxDokumentation.pdf here] (currently only an old german version).
 
==JonDoFox' Defenses==
 
* HTTP-Header
 
** spoofing of User Agent (general.appname.override, general.appversion.override, general.buildID.override, general.oscpu.override, general.platform.override, general.productSub.override, general.useragent.override, general.useragent.vendor, general.useragent.vendorSub)
 
** spoofing of Referer
 
** further header spoofing (intl.accept_languages, intl.charset.default, network.http.accept.default)
 
 
* Further preferences
 
** browser.pagethumbnails.capturing_disabled set to true
 
** browser.search.suggest.enabled set to false
 
** browser.zoom.siteSpecific set to false
 
** plugin.expose_full_path set to false
 
** browser.send_pings set to false
 
** dom.network.enabled set to false
 
** dom.storage.enabled set to false
 
** geo.enabled set to false
 
** network.prefetch-next set to false
 
** network.proxy.socks_remote_dns set to true
 
** network.http.proxy.keep-alive set to false
 
** view_source.editor.external set to false
 
** security.remember_cert_checkbox_default_setting set to false
 
** security.default_personal_cert set to "Ask Every Time"
 
** privacy.sanitize.sanitizeOnShutdown set to true
 
** privacy.clearOnShutdown.history set to false
 
** privacy.clearOnShutdown.offlineApps set to true
 
** network.cookie.cookieBehavior set to 2
 
** network.protocol-handler.warn-external.news set to true
 
** network.protocol-handler.warn-external.snews set to true
 
** network.protocol-handler.warn-external.nntp set to true
 
** network.protocol-handler.warn-external.file set to true
 
** network.protocol-handler.warn-external.mailto set to true
 
** network.protocol-handler.warn-external-default set to true
 
** browser.history_expire_days set to 0
 
** network.http.accept-encoding set to "gzip,deflate" (FF4 and higher)
 
** privacy.donottrackheader.enabled set to true (FF4 and higher)
 
** extensions.getAddons.cache.enabled set to false (FF4 and higher)
 
** dom.indexedDB.enabled set to false (FF4 and higher)
 
** webgl.disabled set to true (FF4 and higher)
 
** browser.display.use_document_fonts set to 0
 
** browser.sessionhistory.max_entries set to 2 (FF4 and higher)
 
** browser.safebrowsing.* => set relevant safebrowsing peferences to values that do neither leak the deployed language nor the FF version to Google (see the preferences.js in the JonDoFox.xpi for the currently used values)
 
** security.enable_tls_session_tickets set to false to avoid fingerprinting via TLS Session Resumption
 
** dom.battery.enabled set to false to avoid leaking some fingerprintable information in some corner cases
 
** dom.performance_enable set to false (FF7 and higher) in order to avoid fingerprinting a user deploying detailed page load statistics (although this threat is somewhat mitigated by having an anonymization service between the user and the attacker)
 
** network.http.spdy.enabled set to false
 
** dom.network.enabled set to false
 
** extensions.blocklist.enabled set to false
 
** media.peerconnection.enabled set to false
 
 
*Cookies, DOM storage and IndexedDB
 
** cookies currently blocked per default via Cookie Monster {planned an own user friendly tabspecific CM}
 
** DOM storage currently disabled per preference {planned to expand the CM to the handling of DOM storage}
 
** The IndexedDB feature is disabled per preference at the moment {planned to expand the CM to the handling of the IndexedDB feature}
 
 
*Cache
 
** modified SafeCache code {planned to expand the tabspecific design mentioned above to handle cache cases as well}
 
 
*HTTP-Authentication
 
** included first defense against HTTP-Auth tracking (see: [http://jeremiahgrossman.blogspot.com/2007/04/tracking-users-without-cookies.html http://jeremiahgrossman.blogspot.com/2007/04/tracking-users-without-cookies.html]) {planned to use the same partitioning methods as SafeCache and the Referer-spoofing in the mid-run; tabspecific separation in the long run}
 
 
*Browser History
 
** currently disabled per preference (FF3.x)
 
 
*Websockets
 
** currently disabled per preference until we investigated whether they pose an additional threat (and if so, how to mitigate that)
 
 
*MIME types
 
** in almost all cases we avoid that an external application is launched automatically to open a specific file
 
** we show a warning dialog (hooking us into the external app or NoScript dialog (the latter if the user has a pdf plugin activated))
 
** we prohibit that the user may set the "Always open with this application" option {there needs still a little bit done in this regard to make that bulletproof}
 
 
*Search queries
 
** delete the search queries after user launched search request
 
** after half an hour will the search history be deleted
 
** we disabled search suggestions per preference
 
 
*SSL based attacks
 
** included a modified version of Certificate Patrol (CP) {planned to enhance that a bit further (a kind of get-me-out-of-here button...)}
 
** disabled attacks using client certificates per preference
 
** included EFF's distributed SSL Observatory feature to be able to secure the SSL infrastructure in the future
 
** disabled SSL 3.0 per preference
 
 
*Media queries
 
** currently no way to cope with that as that needs probably a patched Firefox
 
 
*@font-face
 
** NoScript
 
** {we plan to implement a nsIContentPolicy that would take care of it e.g. if NoScript is disabled}
 
 
*JS based attacks
 
** NoScript in profile included
 
** tracking users via window.name is disabled
 
** {planned to spoof the browser locale reliably}
 
 
*Plugins
 
** NoScript in profile included
 
** all plugins are disabled in JonDoFox but Flash by default; the latter get disabled additionally by setting a hidden preference, extensions.jondofox.disableAllPluginsJonDoMode, to "true"
 
 
*AdBlock based attack
 
**{planned to implement one ad blocking list shipped with JonDoFox to minimize the risk that users get profiled by using different ad filter lists}
 

Latest revision as of 09:18, 23 October 2013

En2.png De2.png  Changelogs and Sources

How to get the sources and build a jondofox.xpi

It is probably the best to create a JonDoFox directory first and change to it:

mkdir JonDoFox && cd JonDoFox

Now you need a subversion client and check out the source as follows:

svn checkout https://svn.jondos.de/svnpub/JonDoFox_Extension/trunk

If your svn client complains about our self-signed certificate you may compare the SHA1 fingerprints to make sure you download our sources. The SHA1-fingerprint of our certificate is:

93:82:7d:96:6a:bf:0e:72:88:d2:90:6d:af:e1:a4:e1:11:00:67:7b

Afterwards change the directory to trunk and run the appropriate shellscript:

cd trunk && ./makexpi.sh

Now you'll find the freshly built jondofox.xpi in the directory xpi.

JonDoFox Documentation

The source of the documentation may be found here, a compiled .pdf may be found here (currently only an old german version).

Personal tools