[tor-talk] Thunderbird leak
Runa A. Sandvik
runa.sandvik at gmail.com
Sun Jan 26 18:07:14 UTC 2014
On Sun, Jan 26, 2014 at 3:06 PM, Mike Cardwell <tor at lists.grepular.com> wrote:
> I just blogged about a general security issue in Thunderbird which may
> also affect people who are using Tor:
>
> https://grepular.com/Security_Bug_Thunderbird_Websites_Tabs
>
> Basically, an email can be crafted such that when you click a link in
> that email it is opened within a Thunderbird tab instead of in your
> usual (potentially torified) web browser. Bypassing any other defenses
> you might also have, including NoScript etc.
I'd be curious to know if this still works if you have TorBirdy [1]
installed. TorBirdy is a Thunderbird extension which configures the
software to make connections over the Tor network.
[1]: https://addons.mozilla.org/en-us/thunderbird/addon/torbirdy/
--
Runa A. Sandvik
More information about the tor-talk
mailing list