Quote from: maybejustonce on February 12, 2013, 02:53 amQuote from: SelfSovereignty on February 12, 2013, 01:38 amCookies are definitely deleted when you close the Tor browser. It also comes with NoScript configured for compatibility. What I mean is that it isn't configured for maximum safety, just good safety with settings that don't break the whole web (like it does if you prevent any un-whitelisted site from running, which is/was the NoScript default).I don't know of any exploits that will bypass the out-of-the-box configuration, but that isn't my specialty, so take it with a grain of salt. You may or may not want to go to "about:config" and change "network.websocket.enabled" to be "false." There's some contention about whether or not it's really safe to have it on, but the Tor project says it is & the browser ships with it that way... so one would think it is. Your call though.Other than that, I wouldn't worry too much.can you explain in depth what that command line does? Well, it's not some secret or anything, you can go ahead and do a search for the setting if you're uncomfortable trusting me. "about:config" is the Firefox (the Tor browser is a bundled version of Firefox) address for advanced settings. Unless you're _positive_ you know what one does, don't fuck with it. Seriously. At best you'll slow things down, at worst you'll start leaking your identity.Websockets are an HTML5 thing. I hear their implementation is still a little buggy in Firefox, but I have no personal experience with them. Basically it's a feature to support exchanging data with a specific site and splicing it into the currently viewed page -- so for instance, say you go to "www.moviesforfree.com" (totally made up), and the (imaginary) guy who made the (imaginary) site decided to use a websocket to make sure the page doesn't have to be refreshed in order to show you "MOVIE ADDED" or something.So the javascript opens a websocket to a different server, maybe "www.moviesforfree-updates.com" or some junk, and communicates through the websocket to get notified of updates. There was a bug in an older version of the Tor browser that bypassed Tor entirely when connecting via websockets; as in your IP was available via a simple javascript function any site could trigger. It's supposedly fixed, but like I said, there seem to be those who claim it isn't truly fixed and advise that people disable websockets entirely.Enough information? :)