Why doesn't Tor Browser Bundle include the RefControl Add-on?

According to ip-check.info, referrals are a threat to anonymity because they tell the site you are visiting where you were from. You click on a link from, let's say, Wilddessecurity, and the site contained within the link will be notified that you were referred from Wilderssecurity. So it works like this.

Wilderssecurity link (to artstechnica.com)------> You click on the link----->Artstechnica.com knows you clicked on a link from wilderssecurity to get to their page.

This allows artsttechnica to build a profile of your web browsing activities. I think referrals are threat to anonymity and allow websites to build a profile on you. So I think future releases of Tor Browser Bundle should include the RefControl add-on, so that users can block referrals from whatever site they desire.

If you block the referrals for wilderssecurity.com this would happen.

Wilderssecurity link (to artstechnica.com)------> You click on the link----->Artstechnica.com DOES NOT knows you clicked on a link from wilderssecurity to get to their page because all referrals from Wilderssecurity have been blocked.

 

Have you asked the torproject this question?

-- Tom

 

Because Tor project is very careful of using addons they don't understand completely.

 

I've download refControl separately, I don't see why Tor can't include RefControl in its browser bundle.

 

I said a post above.

 

That may be, but the torproject should also be able to state what they do not understand about the plugin if that is so. RefControl seems like a good idea per OP message - maybe they are in a holding pattern regarding plugins at this point in time or just short on staff to do the work to make it a reality (i.e. is it already on the todo list at torproject?).

-- Tom

 

No I have not because I don't know how to keep in contact with them. Do you know how to ? If you do, by all means tell me.

 

Would this work? (I know its cumbersome) - load a new tab, paste the link in, and close the other tab (the site you got the link from) or is the referrer somehow "buried" in that link?

 

Problem is they probably don't know the people that work on it, therefore there is not trust, the program could update with spyware for all they know. They prefer open source, and or private internal projects.

 

From the Tor Weekly News blog:

-- Tom

 

They even set NoScript as Allow Scripts Globally (dangerous), what do you expect? Catering to newbies I bet.

 

You got that right! Just because of a trend that most web pages on clearnet do not work without JavaScript enabled. However, it is easy enough to reset NoScript to disallow scripts globally when the tor browser launches.

-- Tom

 

Yup. That little change probably got a few people id'd IRL for just visiting Tormail in early August. I can't believe Allow All was/is the default.

PD

 

Just send all your questions to the US Navy ..
In fact, you probably don't really need to send them, just writing them in a Word-document should ensure they reach the 'right' people at some time ....

 

Even though Tor was invented by the Navy does not mean they control it! It is now Open Source Software.

-- Tom

 

I used to use RefControl however a while back I switched to: https://addons.mozilla.org/en-us/firefox/addon/smart-referer/ Disable RefControl, download this and set it to direct hit. Will switch referer results from orange to green at ip-check.info.