Securing teh Intarwebs (Ultimate Solution ;)
Watson Ladd
watsonbladd at gmail.com
Sun Apr 1 13:08:41 UTC 2007
Mike Perry wrote:
> Thus spake Mike Perry (mikepery at fscked.org):
>
>> Also, it appears that we also need to hook
>> document.defaultView.getComputedStyle(link,null).getPropertyValue();
>> somehow (perhaps by hooking getComputedStyle and clearing all
>> properties for its return value if it is an "A" tag like I do with
>> document.getElement*, or possibly by hooking the getPropertyValue
>> method on the returned object) in order to defeat
>> http://jeremiahgrossman.blogspot.com/2006/08/i-know-where-youve-been.html
>
> No, this is stupid. The adversary can just walk the DOM and look for A
> tags. You have to be pro-active and walk the whole DOM first yourself,
> and strip the attributes off of each A tag as you find it.
>
> Or, perhaps getting the history clearing thing to work is the real
> Ultimate Solution.

Or maybe telling the Firefox developers to enforce a local/remote
separation. The JS running from a remote server should not be able to
determine computed properties of links. Think taint checking, like in Perl.

> You can use fileio in javascript to read
> history.dat (see jshooks.js), but the main issue is file locking on
> Windows may prevent you from writing it out again since it appears Firefox
> never actually closes the file. It's worth a shot though. Perhaps they
> don't lock the file while they have it open,

From what I remember when using TeX on Windows, file locking
happens automagically.

> and maybe they seek to the
> beginning of it each time they read it out...
>
> Ok, I promise I won't reply to myself any more. ;)
>
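
An added example, not part of the original thread and not code from any project mentioned in it: one way to write the getComputedStyle hook discussed above so that style reads on links return nothing, covering both style.color and getPropertyValue() and also elements nested inside an A tag. The function names and the fake view object (a constructed stand-in for document.defaultView so the block runs outside a browser) are assumptions.

```javascript
// Added example. Constructed stand-in for a browser view: a visited link, or
// anything nested inside one, computes to a different color than an unvisited one.
function makeFakeView(visitedHrefs) {
  const linkOf = (el) => {
    for (let n = el; n; n = n.parentNode) if (n.tagName === "A") return n;
    return null;
  };
  return {
    getComputedStyle(el) {
      const link = linkOf(el);
      const color = !link ? "rgb(0, 0, 0)"
        : visitedHrefs.has(link.href) ? "rgb(85, 26, 139)" : "rgb(0, 0, 238)";
      return { color, getPropertyValue(name) { return this[name] || ""; } };
    },
  };
}

// Hypothetical hook (name is ours): style reads on links come back empty.
function installLinkStyleHook(view) {
  const original = view.getComputedStyle;
  const insideLink = (el) => {
    for (let n = el; n; n = n.parentNode) {
      if (String(n.tagName).toUpperCase() === "A") return true;
    }
    return false;
  };
  view.getComputedStyle = function (el, pseudo) {
    if (!insideLink(el)) return original.call(view, el, pseudo);
    // Empty target, so every read path (style.color, getPropertyValue) is blank.
    return new Proxy({}, {
      get: (_t, prop) => (prop === "getPropertyValue" ? () => "" : ""),
    });
  };
  return () => { view.getComputedStyle = original; }; // uninstall
}

// Constructed sample: a visited link, an unvisited link, a <span> inside the first.
function demo() {
  const visited = { tagName: "A", href: "https://visited.example/" };
  const fresh = { tagName: "A", href: "https://fresh.example/" };
  const child = { tagName: "SPAN", parentNode: visited };
  const view = makeFakeView(new Set([visited.href]));
  const read = (el) => view.getComputedStyle(el, null).getPropertyValue("color");
  const before = [visited, fresh, child].map(read);
  installLinkStyleHook(view);
  return { before, after: [visited, fresh, child].map(read) };
}
console.log(demo());
```

A hook of this kind only covers reads that go through the wrapped function.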