[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Firefox sends your uptime
Mozilla Firefox sends your computer's uptime while establishing TLS
(SSL) connection. This could be used to correlate anonymous traffic with
non-anonymous (e.g. LAN traffic) by correlating intercepted uptime
values (or to search the originator of anonymous traffic by correlating
uptime values from TCP timestamps in GNU/Linux and some other operating
systems).
Tested with latest Firefox versions (including Betas) on Windows. Should
also work on GNU/Linux too, but not works on my ArchLinux box due to
some patches...
Details:
RFCs 2246, 4346 describe following structure (part of TLS Client Hello
packet):
struct {
uint32 gmt_unix_time;
opaque random_bytes[28];
} Random;
Firefox sends your uptime in "gmt_unix_time" field (seconds since boot).
Other browsers (IE, Opera) send your current system time in UNIX format.
So, use your Firefox carefully ;)