[tor-talk] Security issue. Firefox in Tor Browser Bundle allows access to LAN resources. To fix: ABE of NoScript must be turn on by default
TT Security
tortestprivacy at ro.ru
Tue Jan 21 23:43:45 UTC 2014
Hi Olivier,
> 21 Январь 2014 г. 11:38:54 пользователь Olivier Cornu (o.cornu at riseup.net) написал:
>
> instead of allowing non-Tor connections to LAN hosts, supposedly because
> they are safe, it should block them as a default.
>
Absolutely agree with you!
Just let not treat it as BUG but as some security issue even if only potentially dangerous.
ABE of NoScript can close this issue - simply and quickly. But maybe in the future TBB must prohibit all connections to local LAN resources for global html web-pages.
----
Regards,
TT Security.
More information about the tor-talk
mailing list