[tor-talk] Thunderbird leak

Andrew F andrewfriedman101 at gmail.com
Sun Jan 26 17:33:45 UTC 2014


Also you might want to post this on the tails list.



On Sun, Jan 26, 2014 at 5:33 PM, Andrew F <andrewfriedman101 at gmail.com>wrote:

> YIKES... Are you sure, how did this slip by?
>
>
>
> On Sun, Jan 26, 2014 at 3:06 PM, Mike Cardwell <tor at lists.grepular.com>wrote:
>
>> I just blogged about a general security issue in Thunderbird which may
>> also affect people who are using Tor:
>>
>> https://grepular.com/Security_Bug_Thunderbird_Websites_Tabs
>>
>> Basically, an email can be crafted such that when you click a link in
>> that email it is opened within a Thunderbird tab instead of in your
>> usual (potentially torified) web browser. Bypassing any other defenses
>> you might also have, including NoScript etc.
>>
>> --
>> Mike Cardwell  https://grepular.com/     http://cardwellit.com/
>> OpenPGP Key    35BC AF1D 3AA2 1F84 3DC3  B0CF 70A5 F512 0018 461F
>> XMPP OTR Key   8924 B06A 7917 AAF3 DBB1  BF1B 295C 3C78 3EF1 46B4
>>
>> --
>> tor-talk mailing list - tor-talk at lists.torproject.org
>> To unsubscribe or change other settings go to
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>>
>>
>


More information about the tor-talk mailing list