Securing teh Intarwebs (Ultimate Solution ;)
mikepery at fscked.org
Sun Apr 1 03:13:31 UTC 2007
Thus spake Mike Perry (mikepery at fscked.org):
> to use over Tor, modulo browser vulnerabilities (which the FF people
> will actually fix.. They seem to enjoy arbitrary sites being able to
> query their history and search keywords, however.. That is a "feature").
The long-standing firefox bug is:
It should be noted that the reason commonly given for not fixing is
that they don't care about specific URLs being queried and would
rather have styles work properly (why not have both? Obviously they
haven't heard the phrase "Ultimate Solution" :). However Billy
Hoffman's talk at shmoocon pointed out that you can query 10s of
thousands of urls per second on a fast machine, more than enough to
troll for permutations of google keyword searches.
This is probably also worth investigating:
That technique uses CSS to fetch background images for visited links.
Bear in mind that images probably can be encoded with unique IDs by
exit nodes, so this probably is relevant.
so perhaps this can be eliminated with an additional hook in
jshooks.js as well, but there may be issues with getting an event
handler that fires at the right time. You can find archives of me
harassing the mozilla extensions people about event handlers at:
Also, it appears that we also need to hook
somehow (perhaps by hooking getComputedStyle and clearing all
properties for its return value if it is an "A" tag like I do with
document.getElement*, or possibly by hooking the getPropertyValue
method on the returned object) in order to defeat
This technique does not seem to work on FF18.104.22.168:
Sorry I don't have time for this stuff right now, it is really
interesting and I wish I could do it. I should have more time in ~1
month (unless I discover one of these to be particularly low hanging
fruit and have some downtime on a train one day).
Mad Computer Scientist
fscked.org evil labs
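
The getComputedStyle hook proposed in the message above, sketched as an added example (not code from the original message or from jshooks.js). It uses a modern Proxy; hookComputedStyle, makeFakeWindow and probe are hypothetical names, and the fake window is constructed so the code runs outside a browser.

```javascript
// Wrap win.getComputedStyle so that style objects returned for "A" elements
// expose no values to page script. Other elements pass through unchanged.
function hookComputedStyle(win) {
  const original = win.getComputedStyle;
  win.getComputedStyle = function (element, pseudo) {
    const style = original.call(win, element, pseudo);
    const tag = element && element.tagName ? String(element.tagName).toUpperCase() : "";
    if (tag !== "A") return style; // only links carry visited state
    return new Proxy(style, {
      get(target, prop) {
        if (prop === "length") return 0; // no enumerable properties
        const value = target[prop];
        // Covers getPropertyValue and every other method on the object.
        if (typeof value === "function") return () => "";
        // Covers direct property reads such as style.color.
        if (typeof value === "string") return "";
        return value;
      },
    });
  };
  return original; // lets the caller restore the unhooked function
}

// Constructed stand-in for a browser window: visited links get a
// different color, which is the signal a history query reads.
function makeFakeWindow() {
  return {
    getComputedStyle(el) {
      const color = el.visited ? "rgb(85, 26, 139)" : "rgb(0, 0, 238)";
      return {
        color,
        length: 1,
        getPropertyValue: (name) => (name === "color" ? color : ""),
      };
    },
  };
}

// What a script sees when it inspects an element through the window.
function probe(win, el) {
  const style = win.getComputedStyle(el, null);
  return [style.color, style.getPropertyValue("color"), style.length];
}
```

This does not cover the CSS background-image technique the message also mentions, since that one never calls getComputedStyle.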