
[tor-talk] Fwd: [guardian-dev] Replicating TorBB/Firefox exploit in Orweb/Webkit?





-------- Original Message --------
Subject: [guardian-dev] Replicating TorBB/Firefox exploit in Orweb/Webkit?
Date: Mon, 05 Aug 2013 12:33:33 -0400
From: Nathan of Guardian <nathan@xxxxxxxxxxxxxxxxxxxx>
To: Guardian Dev <guardian-dev@xxxxxxxxxxxxxxxxxx>


Regarding the Tor security advisory
(https://lists.torproject.org/pipermail/tor-announce/2013-August/000089.html),
I've been considering whether this exploit or a similar one could be
used against Orweb, and the underlying Android WebView/Webkit component.

Orweb has JavaScript and Cookie support off by default for all sites, so
I expect a JavaScript exploit would not work at all. However, if we
enable both (which many users do in order to log in to sites with
captchas), could that open Orweb users up to this deanonymization attack?

I hope to replicate this in a test environment shortly, but if anyone
has insight related to Webkit vs Firefox/Gecko in terms of this exploit,
please share.

In addition, if anyone is motivated to do their own independent auditing
of Orweb along these lines, would love to have your help.

Thanks!

+n