xB Browser and adobe flash player
zorro zorrito
July 8th, 2007, 04:14 AM
If I add Adobe Flash Player to xB Browser, is it less secure (in anonymity)?
Jim Verard
July 8th, 2007, 05:37 AM
You may find some info regarding this subject here:
Can Java - Javascripts - Cookies reveal real ip behind VPN (http://www.wilderssecurity.com/showthread.php?t=173300)
In order to be protected, you have to use a firewall (I am using Outpost and following Paranoid member rules and recommendations) to prevent some possible info being leaked without your knowledge.
Also, check these threads:
Finding your Real IP Through ActiveX or Flash? (http://www.wilderssecurity.com/showthread.php?p=917182)
PRIVACY ON THE NETT (http://www.wilderssecurity.com/showthread.php?p=943478)
This thread is also very important:
Tor and Javascript (http://www.wilderssecurity.com/showthread.php?p=939294)
See the last posts from him:
-{ Quote: "I hate to spill the beans, but it is extremely difficult to watch flash movies anonymously. That P2K didn't notice this speaks wonders about him. Flash is actually by far the easiest method of obtaining a tor user's real ip address. See www.fortconsult.net/images/pdf/tpr_100506.pdf and www.fortconsult.net/images/pdf/Practical_Onion_Hacking.pdf for a few of many examples of this.
As Paranoid2000 has been kind enough to point out to me and others personally, you really do need to firewall your browser. After doing that please tell me if that ruins flash or not. I am thinking one way to view flash videos would be to use one of those flash-downloading browser plugins. After the movies have downloaded, perhaps you can then disconnect from the internet and watch your stuffs.
But if you think you can surf anonymously, you are in for a rude awakening.
John" }-
-{ Quote: "Nothing special here. While the PDF files are interesting, the first document states "One simple possibility for unmasking a Tor client is simply to get a shockwave flash file to play in a suspects machine, thereby executing a command causing it to connect out – BYPASSING TOR!" This means it is no different from Java applets - it can only work if you allow Flash to connect directly to the Internet. Indeed the document notes this with: "A user running a host-based firewall allowing outbound connections on a per-application basis might not be affected by this." and "It only affects Internet Explorer users, not Firefox users, presumably due to different Java engines being in use." Those wishing anonymity online cannot rely on Tor alone, but have to use a firewall and web-filtering in conjunction with it.
A slightly greater concern with Flash is potential abuse of its local storage option (aka "Flash cookie") which is enabled by default - see Adobe: How to manage and disable Local Shared Objects (http://www.adobe.com/cfusion/knowledgebase/index.cfm?id=52697ee8) for details on disabling this.
It is however a bad idea to view videos via Tor because of the bandwidth demands involved (multiplied by four due to routing it via 3 nodes - which you are asking volunteers to carry) and the lower speed. In addition, pushing large volumes of traffic through Tor makes it slower for everyone else." }-
Well, all of this information is confused and someone should make a walk-through to prevent these threats against our anonymity, and because I am paranoid, Flash Player was not installed on my XeroBank, even if my firewall is activated.
The fact is, I will never be entirely sure if there's not going to be any leakage of my true IP, so I decide to not watch Flash Videos at all while XB is running. I may use unsafe browsers to do that.
And even if I am 100% anonymous, Flash videos are the only kind of media that I may block here, so that gives me an option. Java can't be blocked for good (if you do that, you will not be able to surf on most websites).
Also, I agree with all complaints about how this network used by XeroBank is slow. It was not developed for everyone to spend bandwidth by making uploads (which are impossible) and downloads of this kind.
SteveTX
July 8th, 2007, 10:30 AM
Adobe Flash plugins are capable of leaking. I suggest either abstain from flash, wait for xB Machine which comes out August 3rd, or upgrade to xB Pro. Another option is to use the JanusVM router.
If you upgrade to xB Pro, you will get access to pre-configured xB VPN software. Using xB VPN, you can view Flash and all other rich media without breaking your anonymity.
zorro zorrito
July 9th, 2007, 02:38 AM
I have seen XB Browser uses American proxies and TorOpera-Torpack use German proxies, is it true that the German proxies are more secure?
SteveTX
July 9th, 2007, 04:18 PM
xB Browser is Torpark, and uses the Tor network. OperaTor also uses the Tor network. What exit-node proxy you get only depends on the moment.
I would hazard to say that those proxies are equally "secure" as the others, being they both use the same network.
However, once again, neither Torpark, xB Browser, nor OperaTor will protect you from Flash anonymity compromises if you allow Flash to run, which is blocked by default. Only xB VPN, xB Machine, JanusVM, or Incognito LiveCD will protect you in the case that you decide to use Flash.
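An added example, not part of the thread or any poster's text: the leak discussed above is a browser plugin opening a direct outbound connection instead of going through the local Tor proxy, so this Python check audits a connection snapshot for exactly that. The process name `browser.exe`, the four-column snapshot format and SOCKS port 9050 are assumptions, and the sample lines are constructed.

```python
import ipaddress

# Constructed sample snapshot: "process local remote state", one TCP socket per line.
SAMPLE = """\
browser.exe 127.0.0.1:49210 127.0.0.1:9050 ESTABLISHED
browser.exe [::1]:49250 [::1]:9050 ESTABLISHED
browser.exe 192.168.1.20:49233 203.0.113.45:80 ESTABLISHED
tor.exe 192.168.1.20:49190 198.51.100.7:9001 ESTABLISHED
tor.exe 127.0.0.1:9050 0.0.0.0:0 LISTENING
notepad.exe 192.168.1.20:49300 203.0.113.9:443 ESTABLISHED
"""


def split_endpoint(text):
    """Split 'host:port' or '[v6]:port' into (ip_address, port)."""
    host, _, port = text.rpartition(":")
    return ipaddress.ip_address(host.strip("[]")), int(port)


def find_leaks(listing, proxied, proxy_port=9050):
    """Return (process, remote) for every established connection made by a
    process in `proxied` (lower-case names) that does not terminate at the
    loopback proxy port. Plugins run inside the browser process, so a
    direct plugin connection shows up under the browser's name."""
    leaks = []
    for line in listing.splitlines():
        fields = line.split()
        if len(fields) != 4 or fields[3] != "ESTABLISHED":
            continue  # skip listeners, blank and malformed lines
        process, _local, remote, _state = fields
        if process.lower() not in proxied:
            continue  # only audit processes that must stay behind the proxy
        try:
            addr, port = split_endpoint(remote)
        except ValueError:
            leaks.append((process, remote))  # unparsable endpoint: treat as suspect
            continue
        if not (addr.is_loopback and port == proxy_port):
            leaks.append((process, remote))
    return leaks


if __name__ == "__main__":
    for process, remote in find_leaks(SAMPLE, {"browser.exe"}):
        print(f"direct connection outside the proxy: {process} -> {remote}")
```

A snapshot only sees connections open at that moment; the per-application outbound firewall rule mentioned in the thread is the control, and a check like this only verifies it.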
Copyright ©2002 - 2012, Wilders Security Forums