
Re: [tor-talk] Flash, Linux and Tor



On 12/10/12 09:40, Outlaw wrote:
> Hi! Let's say main Linux user A is cut off from Internet with iptables,
> user B starts Tor. If I run TorBrowser by user A, connect it to Tor
> (which is started by B) with socks and turn on flash plugin, is there
> any security/anonymity leak in this scheme? Thank you.


_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
The issue with Flash, even doing this, is that when using Flash you are running third-party executable code on the system; it can access various information that could compromise your identity from the browser, such as the machine's public IP, etc. It is also able to make connections to arbitrary servers via, at the very least, HTTP/HTTPS. Sure, they would be proxied via Tor, but they can also relay information picked up from the local browser.

None of this is even including browser fingerprinting yet, which with Flash involved is far, far easier and more accurate. A good resource: check out http://panopticlick.eff.org/ both with and without Flash/JS enabled and see the difference in the fingerprintability of the browser, and bear in mind that site uses a fairly basic algorithm to show a point; it could be made even more accurate by someone who actually wanted to do so.

Supercookies, in this case referring to the Flash LSO variant, are another problem that would allow for tracking etc.

So yeah, there are a number of ways it could compromise your security/anonymity. I wouldn't overly recommend it, of course. While some of the problems are potentially inherent, others would require the Flash app to be coded to store data/track; the latter could potentially be minimized using a tight whitelist in something like NoScript, but be aware anything that does run does have the ability. Further, whitelisting by URL leaves open the possibility of actively malicious attacks should the server be compromised and the attacker replace an applet at a whitelisted URL, or were one to be altered in transit, for example.
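
The Flash LSO "supercookies" mentioned in the reply above are ordinary files on disk, so they can be audited. The following is an added example, not part of the original thread: it walks a Flash Player storage root, validates each `.sol` header and groups the stored objects by origin. The default Linux path and the `<random dir>/<origin host>/...` layout are assumptions, and `make_sample_sol` builds constructed sample data only.

```python
import struct
from pathlib import Path

# Default Flash Player storage root on Linux (assumption; adjust per system).
DEFAULT_ROOT = Path.home() / ".macromedia" / "Flash_Player" / "#SharedObjects"

def parse_sol_header(data: bytes):
    """Return (declared_length, object_name), or None if not a valid LSO header."""
    # Layout: 00 BF | u32 length | "TCSO" | 6 marker bytes | u16 name length | name
    if len(data) < 18 or data[:2] != b"\x00\xbf" or data[6:10] != b"TCSO":
        return None
    (declared,) = struct.unpack(">I", data[2:6])
    (name_len,) = struct.unpack(">H", data[16:18])
    name = data[18:18 + name_len]
    if len(name) != name_len:
        return None  # truncated file
    return declared, name.decode("utf-8", errors="replace")

def audit_lsos(root: Path):
    """Map each origin directory to a list of (file, object name, size in bytes)."""
    report = {}
    if not root.is_dir():
        return report
    for sol in sorted(root.rglob("*.sol")):
        parts = sol.relative_to(root).parts
        # Assumed layout: <random dir>/<origin host>/.../<name>.sol
        origin = parts[1] if len(parts) >= 3 else "(unknown)"
        header = parse_sol_header(sol.read_bytes())
        name = header[1] if header else "(unparseable)"
        report.setdefault(origin, []).append((sol.name, name, sol.stat().st_size))
    return report

def make_sample_sol(name: str, body: bytes = b"") -> bytes:
    """Build a constructed LSO for testing; not captured from a real site."""
    tail = b"TCSO" + b"\x00\x04\x00\x00\x00\x00" + struct.pack(">H", len(name)) \
        + name.encode() + b"\x00\x00\x00\x00" + body
    return b"\x00\xbf" + struct.pack(">I", len(tail)) + tail

if __name__ == "__main__":
    for origin, items in audit_lsos(DEFAULT_ROOT).items():
        for fname, obj, size in items:
            print(f"{origin}\t{fname}\t{obj}\t{size} bytes")
```

Run it as the user that launches the browser (user A in the question), since the storage root lives under that user's home directory.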