[tor-bugs] #3737 [TorBrowserButton]: kissmetrics exploits

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Mon Aug 15 20:56:45 UTC 2011

#3737: kissmetrics exploits
 Reporter:  cypherpunks       |          Owner:  mikeperry        
     Type:  defect            |         Status:  needs_information
 Priority:  normal            |      Milestone:                   
Component:  TorBrowserButton  |        Version:                   
 Keywords:                    |         Parent:                   
   Points:                    |   Actualpoints:                   
Changes (by mikeperry):

  * status:  new => needs_information


 Great, another hit and run cypherpunks ticket with insufficient detail...

 AFAIK, we do prevent this type of cookie respawn: DOM storage and flash
 are disabled, and if you enable flash, BetterPrivacy should kick in on TBB
 and clear your flash cookies for you...

 Can you explain what you believe to be the shortcoming here?

 Also note that I have just finished an implementation of #523 to clear
 cache, http auth, ssl state, etc etc in TBB..

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3737#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list