[tor-talk] Flash, Linux and Tor
Matt Joyce
toradmin at mttjocy.co.uk
Fri Oct 12 10:36:27 UTC 2012
On 12/10/12 09:40, Outlaw wrote:
> Hi! Let's say main Linux user A is cut off from Internet with iptables,
> user B starts Tor. If I run TorBrowser by user A, connect it to Tor
> (which is started by B) with SOCKS and turn on Flash plugin, is there
> any security/anonymity leak in this scheme? Thank you.
The issue with Flash, even doing this, is that when using Flash you are
running third-party executable code on the system. It can access various
information that could compromise your identity from the browser, such as
the machine's public IP etc. It is also able to make connections to
arbitrary servers via, at the very least, HTTP/HTTPS; sure, they would be
proxied via Tor, but they can also relay information picked up from the
local browser.

None of this is even including browser fingerprinting yet, which with
Flash involved is far, far easier and more accurate. A good resource: check
out http://panopticlick.eff.org/ both with and without Flash/JS enabled
and see the difference in the fingerprint-ability of the browser, and
bear in mind that site uses a fairly basic algorithm to show a point; it
could be made even more accurate by someone who actually wanted to do so.

Supercookies, in this case referring to the Flash LSO variant, are another
problem that would allow for tracking etc.

So yeah, there are a number of ways it could compromise your
security/anonymity. I wouldn't overly recommend it, of course; while some
of the problems are potentially inherent, others would require the Flash
app to be coded to store data/track. The latter could potentially be
minimized using a tight whitelist in something like NoScript, but be
aware anything that does run does have the ability. Further,
whitelisting by URL leaves open the possibility of actively malicious
attacks should the server be compromised and the attacker replace an
applet at a whitelisted URL, or were one to be altered in transit, for
example.
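
An added example, not part of the original post: Python that lists which sites have left Flash LSO ("supercookie") files in a user's profile, the tracking store the reply mentions. The path ~/.macromedia/Flash_Player/#SharedObjects and its <profile id>/<host>/ layout are assumptions about the usual Linux Flash Player install, and the sample tree is constructed.

```python
import os
import tempfile
from collections import defaultdict

# Assumed default per-user LSO store of the Linux Flash Player plugin.
DEFAULT_ROOT = os.path.expanduser("~/.macromedia/Flash_Player/#SharedObjects")


def find_lsos(root=DEFAULT_ROOT):
    """Map each origin host to its stored .sol files as (relative path, bytes)."""
    found = defaultdict(list)
    if not os.path.isdir(root):
        return {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(".sol"):
                continue
            full = os.path.join(dirpath, name)
            parts = os.path.relpath(full, root).split(os.sep)
            # Assumed layout: parts[0] = random profile id, parts[1] = origin host.
            if len(parts) >= 3:
                origin, rel = parts[1], "/".join(parts[2:])
            else:
                origin, rel = "(unknown origin)", name
            found[origin].append((rel, os.path.getsize(full)))
    return {origin: sorted(items) for origin, items in found.items()}


def build_sample_tree(base):
    """Write a small constructed LSO tree (not real data) and return its root."""
    root = os.path.join(base, "#SharedObjects")
    samples = {
        "ABCD1234/tracker.example/id.sol": b"constructed!",
        "ABCD1234/video.example/player/settings.sol": b"12345",
        "ABCD1234/video.example/player/notes.txt": b"ignored",
        "ABCD1234/stray.sol": b"x",
    }
    for rel, data in samples.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for origin, items in sorted(find_lsos(build_sample_tree(tmp)).items()):
            print(origin, items)
```

Calling find_lsos() with no argument audits the current user's own store; an empty result for the browsing user after a session means no LSOs persisted there.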