JonDoFox sources

From JonDonym Wiki
Revision as of 13:24, 14 October 2010


How to get the sources and build a jondofox.xpi

It is probably best to create a JonDoFox directory first and change into it:

mkdir JonDoFox && cd JonDoFox

Now you need a subversion client and check out the source as follows:

svn checkout https://svn.jondos.de/svnpub/JonDoFox_Extension/trunk

If your svn client complains about our self-signed certificate, compare the SHA1 fingerprint it shows with the one below to make sure you are downloading our sources. The fingerprint of our certificate is:

d2:db:a8:0a:01:bd:19:fe:39:14:b1:7c:15:8e:fd:ce:f7:2e:88:d5

Afterwards, change into the trunk directory and run the build script:

cd trunk && ./makexpi.sh

Now you'll find the freshly built jondofox.xpi in the directory xpi.
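As an added example (not part of the wiki page or the JonDoFox project), the fingerprint comparison from the checkout step done in Python: it fetches the server certificate without validating it (it is self-signed), computes the SHA1 fingerprint over the DER encoding, the same value svn and openssl print, and compares it with the fingerprint published above. The host svn.jondos.de and port 443 are taken from the checkout URL.

```python
import hashlib
import ssl

# SHA1 fingerprint of the svn.jondos.de certificate as published on this page.
EXPECTED_FINGERPRINT = "d2:db:a8:0a:01:bd:19:fe:39:14:b1:7c:15:8e:fd:ce:f7:2e:88:d5"
SVN_HOST = "svn.jondos.de"   # taken from the checkout URL above
SVN_PORT = 443


def normalize_fingerprint(fp):
    """Lower-case hex without separators, so 'D2:DB' and 'd2db' compare equal."""
    return "".join(ch for ch in fp.lower() if ch in "0123456789abcdef")


def sha1_fingerprint(der_cert):
    """Colon-separated SHA1 over the DER bytes, the form svn and openssl display."""
    digest = hashlib.sha1(der_cert).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def fingerprint_matches(observed, expected=EXPECTED_FINGERPRINT):
    """True only if both are full 40-hex-digit SHA1 values and identical."""
    n_obs, n_exp = normalize_fingerprint(observed), normalize_fingerprint(expected)
    return len(n_exp) == 40 and n_obs == n_exp


def fetch_server_fingerprint(host=SVN_HOST, port=SVN_PORT):
    """Fetch the leaf certificate without chain validation and fingerprint it."""
    pem = ssl.get_server_certificate((host, port))
    return sha1_fingerprint(ssl.PEM_cert_to_DER_cert(pem))


if __name__ == "__main__":
    observed = fetch_server_fingerprint()
    print("observed:", observed)
    if fingerprint_matches(observed):
        print("fingerprint matches; the checkout is talking to the expected server")
    else:
        print("MISMATCH: do not accept the certificate in your svn client")
```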

JonDoFox Documentation

The source of the documentation is at https://secure-proxy-howto.anonymous-proxy-servers.net/download/JonDoFoxDokumentation.tex and a compiled PDF at https://secure-proxy-howto.anonymous-proxy-servers.net/download/JonDoFoxDokumentation.pdf (currently only an old German version).

JonDoFox' Defenses

  • HTTP-Header
    • Spoofing of User Agent
    • Spoofing of Referer
    • Further header spoofing (intl.accept_languages, intl.charset.default, intl.accept_charsets, network.http.accept.default)
  • Further preferences
    • browser.search.suggest.enabled set to false
    • browser.zoom.siteSpecific set to false
    • plugin.expose_full_path set to false
    • browser.send_pings set to false
    • dom.storage.enabled set to false
    • geo.enabled set to false
    • network.prefetch-next set to false
    • network.proxy.socks_remote_dns set to true
    • network.http.proxy.keep-alive set to false
    • view_source.editor.external set to false
    • security.remember_cert_checkbox_default_setting set to false
    • security.default_personal_cert set to "Ask Every Time"
    • browser.history_expire_days set to 0 (is the same as places.history.enabled set to false in FF4)
    • network.websocket.enabled set to false (FF4)
  • Cookies and DOM
    • Cookies are currently blocked by default via CS Lite {planned: our own user-friendly, tab-specific CM}
    • DOM storage is currently disabled per preference {planned: extend the CM to handle DOM storage as well}
  • Cache
    • modified SafeCache code {planned: extend the tab-specific design to handle cache cases as well}
  • Browser History
    • currently disabled per preference {we are investigating whether it can be enabled in FF4 thanks to a fix for the old CSS hole}
  • Java and Flash
    • NoScript in profile included
    • If they need to be used, we recommend WideCap as a socksifier {we plan to investigate whether a free solution is available for all platforms}
  • Websockets
    • currently disabled per preference until we have investigated whether they pose an additional threat (and if so, how to mitigate it)
  • MIME types
    • in almost all cases we prevent an external application from being launched automatically to open a specific file
    • we show a warning dialog (hooking into the external-application dialog or the NoScript dialog, the latter if the user has a PDF plugin activated)
    • we prevent the user from setting the "Always open with this application" option {a little more work is still needed to make this bulletproof}
  • Search queries
    • search queries are deleted after the user has launched the search request
    • the search history is deleted after half an hour
    • search suggestions are disabled per preference
  • SSL based attacks
    • included a modified version of Certificate Patrol {planned: extend it to CP evaluation of every SSL request, see http://ha.ckers.org/blog/20100901/issues-with-perspectives/; further minor details should be improved (some things concerning the change-cert dialog, a kind of get-me-out-of-here button, ...)}
    • attacks using client certificates are blocked per preference
  • Media queries
    • currently no way to cope with these, as that probably needs a patched Firefox
  • @font-face
    • NoScript
    • {we plan to implement an nsIContentPolicy that would take care of it, e.g. if NoScript is disabled}
  • JS based attacks
    • NoScript in profile included
    • tracking users via window.name is disabled
    • {planned: spoof the browser locale reliably}
  • Plugins
    • {planned: disable plugins in JonDo mode and/or if NoScript is not activated/installed}
  • AdBlock based attack
    • {planned: host one ad-blocking list on our server(s) to minimise the risk that users get profiled by using different ad filter lists}
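An added example, not part of the wiki page or the JonDoFox extension: a small audit that parses a Firefox prefs.js or user.js and reports which of the preferences listed under "Further preferences" are absent (so Firefox silently uses its own default) or set to a different value. The prefs.js content at the bottom is constructed for the example.

```python
import json
import re

# Hardening values listed under "Further preferences" on this page.
EXPECTED_PREFS = {
    "browser.search.suggest.enabled": False, "browser.zoom.siteSpecific": False,
    "plugin.expose_full_path": False, "browser.send_pings": False,
    "dom.storage.enabled": False, "geo.enabled": False,
    "network.prefetch-next": False, "network.proxy.socks_remote_dns": True,
    "network.http.proxy.keep-alive": False, "view_source.editor.external": False,
    "security.remember_cert_checkbox_default_setting": False,
    "security.default_personal_cert": "Ask Every Time",
    "browser.history_expire_days": 0, "network.websocket.enabled": False,
}

# One user_pref("name", value); line as written in prefs.js or user.js.
PREF_LINE = re.compile(r'^\s*user_pref\("([^"]+)",\s*(true|false|-?\d+|"(?:[^"\\]|\\.)*")\s*\);')


def parse_prefs(text):
    """Return {name: value}, typing values as bool, int or str like Firefox does."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_LINE.match(line)
        if not m:
            continue  # comments, blank lines, anything that is not a pref
        name, raw = m.groups()
        if raw in ("true", "false"):
            prefs[name] = raw == "true"
        elif raw.startswith('"'):
            prefs[name] = raw[1:-1]
        else:
            prefs[name] = int(raw)
    return prefs


def audit_prefs(text, expected=EXPECTED_PREFS):
    """Map each expected pref that is missing or has another value/type to a finding."""
    found = parse_prefs(text)
    findings = {}
    for name, want in expected.items():
        if name not in found:
            findings[name] = ("missing", None)
        elif type(found[name]) is not type(want) or found[name] != want:
            findings[name] = ("mismatch", found[name])
    return findings


# Constructed sample profile: every listed pref except network.websocket.enabled,
# with dom.storage.enabled deliberately flipped to true.
SAMPLE_PREFS_JS = "# Mozilla User Preferences\n" + "".join(
    'user_pref(%s, %s);\n' % (json.dumps(n), json.dumps(True if n == "dom.storage.enabled" else v))
    for n, v in EXPECTED_PREFS.items() if n != "network.websocket.enabled")
```

Running audit_prefs(SAMPLE_PREFS_JS) reports dom.storage.enabled as a mismatch and network.websocket.enabled as missing; an empty findings dict means the profile carries every listed value.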