1 |
On 12/17/2016 08:56 PM, Walter Dnes wrote: |
2 |
|
3 |
> I'm running Pale Moon. In an xterm, I did... |
4 |
> |
5 |
> export SSLKEYLOGFILE=/dev/shm/sslkeylogfile.txt |
6 |
> |
7 |
> ...and launched Pale Moon manually from the commandline. nd visited a |
8 |
> couple of https sites. I did get /dev/shm/sslkeylogfile.txt which |
9 |
> begins with the line... |
10 |
> |
11 |
> # SSL/TLS secrets log file, generated by NSS |
12 |
> |
13 |
> Following that are a bunch of lines starting with... |
14 |
> |
15 |
> CLIENT_RANDOM |
16 |
> |
17 |
> ...followed by a space, followed by 161 random hex-numeric characters |
18 |
> i.e. [0-9a-f]. |
19 |
> |
20 |
> I also saw a line beginning with... |
21 |
> |
22 |
> RSA |
23 |
> |
24 |
> ...followed by a space, followed by 113 random hex-numeric characters |
25 |
> i.e. [0-9a-f]. |
26 |
> |
27 |
> If you plan to do this regularly, your program launcher will need to |
28 |
> launch bash scripts with seperate filenames for each profile. Maybe |
29 |
> append date-time stamp to filenames to avoid multiple sessions |
30 |
> overwriting each other. |
31 |
> |
32 |
> |
33 |
> As for privacy, there are the usual features, like... |
34 |
> |
35 |
> * asking sites to not track (don't trust that) |
36 |
> * control of which sites to accept/refuse regular cookies, and 3rd-party |
37 |
> cookies, from |
38 |
> * whether or not to clear browsing and download history |
39 |
> * private browsing session |
40 |
random - I have always wondered why none of the "user respecting" forks |
41 |
nor mozilla have any serious efforts to thwart browser fingerprinting, |
42 |
private browsing session is simply a misnomer without it. |