[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Thunderbird leak
Yes but you have to choose to view the original html or it doesnât do anything. So, by default, users will not be automatically exploited. They have to get a bad email and then choose menu options for that one email to then be able to click on a link which then might have contentâ
This is why it was considered a âmoderateâ security issue. It isnât a drive by exploit where you send mail to people and then something happens to them. They have to actively cooperate to be exploited. It is a bug, yes, but it isnât as bad as was being painted the other day here.
Al
From:Ânb.linux nb.linux
Reply:Âtor-talk@xxxxxxxxxxxxxxxxxxxx tor-talk@xxxxxxxxxxxxxxxxxxxx
Date:ÂJanuary 27, 2014 at 10:56:17 AM
To:Âtor-talk@xxxxxxxxxxxxxxxxxxxx tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject:Â Re: [tor-talk] Thunderbird leak
When I opened that email and set View/Message Body As/Original HTML,Â
Torbirdy did not prevent the tab to load nor refuse to display the HTML.Â
(Maybe this is intended, because Torbirdy only focuses on normal emailÂ
accounts(?))Â
--Â
Al Billings
http://makehacklearn.org
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk