[tor-talk] Security issue. Firefox in Tor Browser Bundle allows access to LAN resources. To fix: ABE of NoScript must be turn on by default
Georg Koppen
georg at getfoxyproxy.org
Wed Jan 22 09:55:03 UTC 2014
> don't exclude it at all. For example it can be a very hidden malware
> that not detected by antivirus and it will be enable to invisibly
> communicate with it's "second part" when you visit some web-sites
> because it doesn't need in allowing rules in system firewall.
Yes, but see what the design specification says regarding the attacker
capabilities:
https://www.torproject.org/projects/torbrowser/design/#attacks
(especially section 4).
Thus, I doubt that the TorBrowser is the proper platform to defend
against an attacker you have in mind.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 862 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20140122/23d40d67/attachment.sig>
More information about the tor-talk
mailing list