[tor-talk] Fwd: [guardian-dev] Replicating TorBB/Firefox exploit in Orweb/Webkit?

Nathan Freitas nathan at freitas.net
Mon Aug 5 16:39:13 UTC 2013

-------- Original Message --------
Subject: [guardian-dev] Replicating TorBB/Firefox exploit in Orweb/Webkit?
Date: Mon, 05 Aug 2013 12:33:33 -0400
From: Nathan of Guardian <nathan at guardianproject.info>
To: Guardian Dev <guardian-dev at lists.mayfirst.org>


Regarding the Tor security advisory
(https://lists.torproject.org/pipermail/tor-announce/2013-August/000089.html),
I've been considering whether this exploit or a similar one could be
used against Orweb, and the underlying Android WebView/Webkit component.

Orweb has JavaScript and Cookie support off by default for all sites, so
I expect a JavaScript exploit would not work at all. However, if we
enable both (which many users do in order to log in to sites with
captchas), could that open Orweb users up to this deanonymization attack?

I hope to replicate this in a test environment shortly, but if anyone
has insight related to Webkit vs Firefox/Gecko in terms of this exploit,
please share.

In addition, if anyone is motivated to do their own independent auditing
of Orweb along these lines, would love to have your help.

Thanks!

+n