[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Thunderbird leak

To: "nb.linux" <nb.linux@xxxxxxxxx>, tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Thunderbird leak
From: Al Billings <albill@xxxxxxxxxxxxxx>
Date: Mon, 27 Jan 2014 10:56:17 -0800
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 27 Jan 2014 14:11:30 -0500
In-reply-to: <52E692B5.6050702@xxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <20140126150653.GA13075@xxxxxxxxxxxxxxxxx> <CAMnnSdg+XprJUh59zcJQA-R6W=41gSCRiVtqJJZQoPAOakGH1A@xxxxxxxxxxxxxx> <52E54E28.8090205@xxxxxxx> <F218C0F61D6244B695A43901FF2CE769@xxxxxxxxxxxxxx> <52E5A0DA.1080403@xxxxxxx> <CAMY+0ULnbxj87OSY8fEMvmvXF7mPVrNH0wdg_afXPNDCZCVUVA@xxxxxxxxxxxxxx> <52E67F88.9090102@xxxxxxx> <52E692B5.6050702@xxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

Yes but you have to choose to view the original html or it doesnât do anything. So, by default, users will not be automatically exploited. They have to get a bad email and then choose menu options for that one email to then be able to click on a link which then might have contentâ

This is why it was considered a âmoderateâ security issue. It isnât a drive by exploit where you send mail to people and then something happens to them. They have to actively cooperate to be exploited. It is a bug, yes, but it isnât as bad as was being painted the other day here.

Al

From:Ânb.linux nb.linux
Reply:Âtor-talk@xxxxxxxxxxxxxxxxxxxx tor-talk@xxxxxxxxxxxxxxxxxxxx
Date:ÂJanuary 27, 2014 at 10:56:17 AM
To:Âtor-talk@xxxxxxxxxxxxxxxxxxxx tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject:Â Re: [tor-talk] Thunderbird leak  
When I opened that email and set View/Message Body As/Original HTML,Â
Torbirdy did not prevent the tab to load nor refuse to display the HTML.Â
(Maybe this is intended, because Torbirdy only focuses on normal emailÂ
accounts(?))Â
--Â
Al Billings
http://makehacklearn.org

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Thunderbird leak
  - From: Mike Cardwell

References:
- [tor-talk] Thunderbird leak
  - From: Mike Cardwell
- Re: [tor-talk] Thunderbird leak
  - From: Andrew F
- Re: [tor-talk] Thunderbird leak
  - From: Joe Btfsplk
- Re: [tor-talk] Thunderbird leak
  - From: Al Billings
- Re: [tor-talk] Thunderbird leak
  - From: Joe Btfsplk
- Re: [tor-talk] Thunderbird leak
  - From: Al Jigong Billings
- Re: [tor-talk] Thunderbird leak
  - From: Joe Btfsplk
- Re: [tor-talk] Thunderbird leak
  - From: nb.linux

Prev by Author: Re: [tor-talk] Thunderbird leak
Next by Author: Re: [tor-talk] Thunderbird leak
Previous by thread: Re: [tor-talk] Thunderbird leak
Next by thread: Re: [tor-talk] Thunderbird leak
Index(es):
- Author
- Thread