[tor-talk] Thunderbird leak

Mike Cardwell tor at lists.grepular.com
Sun Jan 26 15:06:53 UTC 2014

I just blogged about a general security issue in Thunderbird which may
also affect people who are using Tor:


Basically, an email can be crafted such that when you click a link in
that email it is opened within a Thunderbird tab instead of in your
usual (potentially torified) web browser. Bypassing any other defenses
you might also have, including NoScript etc.

Mike Cardwell  https://grepular.com/     http://cardwellit.com/
OpenPGP Key    35BC AF1D 3AA2 1F84 3DC3  B0CF 70A5 F512 0018 461F
XMPP OTR Key   8924 B06A 7917 AAF3 DBB1  BF1B 295C 3C78 3EF1 46B4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 598 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20140126/e7172cfe/attachment.sig>

More information about the tor-talk mailing list