[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Trusteer Rapport happily working inside tor-browser-bundle

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-talk] Trusteer Rapport happily working inside tor-browser-bundle
From: ix4svs@xxxxxxxxx
Date: Thu, 23 Feb 2012 10:49:02 +0000
Authentication-results: mr.google.com; spf=pass (google.com: domain of alexandros.papadopoulos@xxxxxxxxx designates 10.112.48.9 as permitted sender) smtp.mail=alexandros.papadopoulos@xxxxxxxxx; dkim=pass header.i=alexandros.papadopoulos@xxxxxxxxx
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 23 Feb 2012 05:49:23 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:sender:date:x-google-sender-auth:message-id:subject :from:to:content-type; bh=g1KonzAFI1W2JY0tYfnq20HksiMW5ATT1tSlegHLtcM=; b=tTBrXAW5VB0ug23RL3kwLBtbsxnB8BsPeeRWofjVyfZDPPvwUCvKICgKZzC4dJ3cz/ Ekeq7y+zmbEZZ4KQxvv03X/AqmvWAoU1in0Gy6gPlfiYt0iNLpuKELfbuSXh7PQtKQVs H6BXRTsNBlUzsQIfK1dY1lorgMsLI4uUwkAZs=
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

I'm using Tor browser bundle for Windows v2.2.35-7.1 (latest as of Feb
2012) and notice that Trusteer Rapport (software pushed hard by banks
in the UK that is supposed to raise the bar against
keylogging/screenshot stealing malware on Windows) is happily
functioning inside the Aurora instance of the Tor browser bundle. This
goes against the "do not install plugins in your truster browser"
rule.

I understand that Tor is not trying to protect against local attacks
and Trusteer Rapport is certainly installed on my local computer - but
the fact it's just "there" in Aurora concerns me. The result is that a
common database (of logins Rapport monitors and tries to protect) is
shared between all of my browsing sessions.

Short of running tor-browser-bundle on a read-only Linux live system
running off USB media, is it possible to somehow protect the Aurora
instance from accepting any external plugins to interfere with it? It
appears there are software bundles out there that accomplish this [0]
but that may be too far in local application protection space (and
therefore off-topic) for Tor to address.

I assume the answer in Tor-browser-bundle & Rapport's case is "no, it
cannot be blocked" - as it's supposed to trap system calls below the
browser level - but it seems to have the potential to compromise the
anonymity of people using the Tor browser bundle so I thought I'd ask.

Alex

[0] http://www.trusteer.com/support/en/dell-kace-secure-firefox-browser
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Trusteer Rapport happily working inside tor-browser-bundle
  - From: ix4svs

Prev by Author: Re: [tor-talk] irc clients and Tor
Next by Author: Re: [tor-talk] Trusteer Rapport happily working inside tor-browser-bundle
Previous by thread: Re: [tor-talk] Tor bridge with no traffic
Next by thread: Re: [tor-talk] Trusteer Rapport happily working inside tor-browser-bundle
Index(es):
- Author
- Thread