[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #15138 [Tor Browser]: Investigate TBB 4.5 hardening (e.g. DEP/ASLR) on all Platforms

Subject: Re: [tor-bugs] #15138 [Tor Browser]: Investigate TBB 4.5 hardening (e.g. DEP/ASLR) on all Platforms
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Tue, 07 Apr 2015 15:42:03 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 07 Apr 2015 11:42:12 -0400
In-reply-to: <043.ac386c1eec68755bde4d15ec3fa7da24@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <043.ac386c1eec68755bde4d15ec3fa7da24@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#15138: Investigate TBB 4.5 hardening (e.g. DEP/ASLR) on all Platforms
--------------------------+------------------------------------------------
     Reporter:  tom       |      Owner:  tom
         Type:  defect    |     Status:  new
     Priority:  normal    |  Milestone:
    Component:  Tor       |    Version:
  Browser                 |   Keywords:  tbb-security, TorBrowserTeam201504
   Resolution:            |  Parent ID:
Actual Points:            |
       Points:            |
--------------------------+------------------------------------------------

Comment (by cypherpunks):

 > for /GS (Visual Studio-compiled) binaries

 It's possible to use hex-string pattern, not long-term solution, but for
 the same version of VS it should to generate the same opcodes if secure
 cookies used for function.
 Like for x86, it generates:
 {{{
 mov     eax, ___security_cookie_at_xxxxxxxx
 xor     eax, ebp
 mov     [ebp+xx], eax
 }}}
 it is "A1 xx xx xx xx 33 C5 89 45 xx". Possible false positive results.
 Kludgy, buggy, but possible.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15138#comment:12>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: [tor-bugs] #15618 [Tor]: Tried to establish rendezvous on non-OR circuit with purpose Acting as rendevous (pending)
Next by Author: Re: [tor-bugs] #15607 [Tor]: Tor log dates imprecise
Previous by thread: Re: [tor-bugs] #15138 [Tor Browser]: Investigate TBB 4.5 hardening (e.g. DEP/ASLR) on all Platforms
Next by thread: Re: [tor-bugs] #15138 [Tor Browser]: Investigate TBB 4.5 hardening (e.g. DEP/ASLR) on all Platforms
Index(es):
- Author
- Thread