[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Supercookies
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: Supercookies
- From: Ted Smith <teddks@xxxxxxxxx>
- Date: Fri, 21 Aug 2009 10:10:53 -0400
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Fri, 21 Aug 2009 10:35:21 -0400
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:subject:from:to:in-reply-to :references:content-type:date:message-id:mime-version:x-mailer; bh=UsnfdJKUb9xYYclTHkqlo4GYYpLzrXg5zgf0KQvNtuM=; b=OxspsskJy8L8l8ijFiUw/DIqoSpJKHku3SrPqtSQEPZggy20IXWIL+AzowiO2m9rid iftfRoT7q8iO8EJqdOE6bsi1ernM4MbtJxgi7fTqQkK2QdgEATwxEvnBUL7MmCPYq5d4 iZTLcP2MFgnHUlfb2aBs4hhgx9PdgYr+YrGkI=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=subject:from:to:in-reply-to:references:content-type:date:message-id :mime-version:x-mailer; b=Ss8tklTbFTFrAzEmJstiyvfrm+fEVHgPXQcBVXaoslBS6YNJ218vS6mlEaNuRR9+NC aNpWMKTActUHCrQ80RYblUzVWOjaFwD04PAVwbK0v/dDqcuTt4wVekrNVlQwX4of3QEg RHUuxrflASa3D5yPKrFv/0CsibfZKOzqPAdZs=
- In-reply-to: <20090821.004755.5616.0@xxxxxxxxxxxxxxxxxxxxxx>
- References: <20090821.004755.5616.0@xxxxxxxxxxxxxxxxxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
On Fri, 2009-08-21 at 07:47 +0000, Paul Ferguson wrote:
> > Uuups, it seems BetterPrivacy allows remote code execution:
>
> Easily defeated:
>
> http://objection.mozdev.org/
>
> - ferg
>
Am I the only person who thinks it is generally a bad idea to keep
adding surface area to a browser that is supposed to be anonymous? If we
have an extension to rein in a plugin, and an extension for that
extension, that is a _lot_ more potential for exploits than just
removing that plugin.
Attachment:
signature.asc
Description: This is a digitally signed message part