[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: HTML5 deanonymization attacks



     On Fri, 20 Nov 2009 08:54:40 -0800 Mike Perry <mikeperry@xxxxxxxxxx>
wrote:
>Thus spake Marco Bonetti (marco.bonetti@xxxxxxxxxxxx):
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>=20
>> Mike Perry wrote:
>> > Do you have the test cases for the offline application protocol
>> > handler registration? I'm curious if Torbutton will still block them
>> > from bypassing the proxy or delaying themselves from running until
>> > post-toggle, even if you click to allow the application to run. I
>> > think it should still be blocked from doing anything terrible, but it
>> > would be nice to know for sure.
>> I can do some tests on protocol handler and not-Tor friendly protocols
>> like ftp, TorButton is doing a great job here with the big ugly warning
>> but, as told at the talk, who cares about big ugly warning nowadays? ;-)
>
>Yes, exactly. It would be nice to know if it is blocked even if you
>click through the warning and accept it. That warning is actually for
>blocking real external apps, not html pages registered as apps. The
>html pages should still be blocked by other means, and if they are
>not, I would like to at least investigate with a good test case to see
>why not.
>
>> > In general, it would be really nice if we could have all your test
>> > cases online so I can link them from the Torbutton Design Document, as
>> > we have done with other research like yours. The hope is that one day
>> > someone will consolidate all them into a good browser anonymity and
>> > privacy validation framework (decloak.net and deanonymizer.com are
>> > great starts, but still aren't totally complete).
>> I'm hosting them at my home machine right now, I've already contacted H.
>> D. Moore about an inclusion into his decloak.net suite but, you know,
>> he's pretty busy right now with the framework release. I can pack up
>> every file in a tarball and offer it from slackware.it.
>
>Yeah, and/or just a directory with the individual html files too.
>Ideally it would be something I can link from the Design Document and
>then click on individual tests to run them right there, for when I
>make changes to Torbutton that may cause regressions.
>
>> > Also, I'm curious about your comments about the differences in
>> > implementation of video, audio and source tags in Firefox 3.6b.
>> I only take a super fast look at Firefox 3.6b as it was released too
>> close to the conference :D
>> There's the fullscreen video support and... dunno, maybe the new css
>> fonts support may be interesting. The only thing I double checked was
>> the poster attribute support.
>
>Ok.
>
     It may be productive to include Giorgio Maone <g.maone at informaction.com>
in your discussion and planning.  His current version (http://noscript.net)
bears the following notes in the "Good News" column.

	-- Revamped Embedding (previously known as "Plugins") features,
	   including WebFont blocking

	-- NoScript Options/Embeddings/Forbid <VIDEO>/<AUDIO> preference to
	   control HTML 5 media blocking

	-- NoScript Options/Embeddings/Forbid @font-face preference to control
	   WebFont blocking

	-- Complete HTML 5 media (audio and video) blocking on untrusted sites

	-- New layer of inclusion protection, checks whether 3rd party script
	   and CSS files are served with proper content type

The list is actually much longer.  I've just selected a few items that appeared
most likely to be relevant to the discussion.


                                  Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet:       bennett at cs.niu.edu                              *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
**********************************************************************
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/