[tbb-bugs] #11333 [Tor Browser]: Audit requestAnimationFrame() and possible timing attacks
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Dec 10 11:59:17 UTC 2014
#11333: Audit requestAnimationFrame() and possible timing attacks
-----------------------------+-------------------------------
Reporter: gk | Owner: tbb-team
Type: task | Status: new
Priority: major | Milestone:
Component: Tor Browser | Version:
Resolution: | Keywords: tbb-firefox-patch
Actual Points: | Parent ID: #3059
Points: |
-----------------------------+-------------------------------
Comment (by gk):
Replying to [comment:1 gk]:
> The SVG filter attack got fixed in Fx22
(https://bugzilla.mozilla.org/show_bug.cgi?id=711043) and testing the PoC
for the link repainting attack to extract browsing history
(https://bugzilla.mozilla.org/show_bug.cgi?id=884270) indicates it does
not work against TBB based on ESR24.
Well, that was wrong the PoC works both against Tor Browser based on ESR24
and ESR31 provided one is leaving private browsing mode.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11333#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list