[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #9195 [Tor bundles/installation]: Bad default setting in Tor Browser Bundle poses a severe privacy risk.
#9195: Bad default setting in Tor Browser Bundle poses a severe privacy risk.
---------------------------------------+------------------------------------
Reporter: cypherpunks | Owner: erinn
Type: defect | Status: new
Priority: critical | Milestone:
Component: Tor bundles/installation | Version:
Keywords: tbb-pref, MikePerry201307 | Parent:
Points: | Actualpoints:
---------------------------------------+------------------------------------
Comment(by cypherpunks):
Replying to [comment:3 runa]:
> Replying to [comment:2 mikeperry]:
> > Thank you for the detailed explanation. I didn't realize that AV
systems had moved into the cloud for verifying stuff like this.
>
> From http://kb.mozillazine.org/Browser.download.manager.scanWhenDone:
"... this preference is only used for scanning completed downloads and
only has an effect if you have antivirus software installed and are
running Windows" ... "Starting in Firefox 3.7, also apply Windows security
policy checks".
Yes, `scanWhenDone` + AV works as intended on a Windows system. Many AV
providers are quite open about adding "cloud" features to their products.
It is after the PRISM revelations that the consequences becomes dire.
1.) Please verify that you can reproduce the described behaviour.
2.) I may be mistaken about the usage of the term "cloud" in relation to
MSE. This is because it has been a long time since I replaced it with
Comodo and I don't remember what label MSE used for the feature. But most
companies assign different meaning to the same terms, so it doesn't matter
what it is called. Many AV companies do have separate products aptly named
"Cloud Scanner", but that MSE had a cloud scanning feature enabled by
default came as a surprise to me.
3.) The concern for the Torproject in this matter is in respect to the
default setting used in TBB. How to correctly use AV products to maintain
some level of privacy lies outside the scope of Torproject. But this
problem illustrates the difficulty of keeping netizens safe and protect
their privacy, and also points to the urgent need for a collaboration with
other groups to produce a ''"The Netizens How-To Guide to Privacy and Safe
Computer Usage"'' ebook.
EFF, EPIC and The Internet Defense League comes to mind as collaborators.
I can provide a draft of the structure for such a book, if asked.
4.) What is the feature called in Comodo? = "Use cloud while scanning".
5.) What documentation gives this information?
http://help.comodo.com/topic-72-1-451-4757-Scan-Profiles.html
(This site requires JavaScript.)
Quote:
"Use cloud while scanning - Selecting this option enables the Antivirus to
detect the very latest viruses more accurately because the local scan is
augmented with a real-time look-up of Comodo's online signature database.
With Cloud Scanning enabled your system is capable of detecting zero-day
malware even if your local anitvirus [SIC] database is out-dated. (Default
= Disabled)."
... [snip] ...
"Update virus database before running â Selecting this option makes CIS to
check for virus database updates and if available, update the database
before commencing the scan. (Default = Disabled)."
6. If someone contacts tech reporters, ask them to investigate McAfee's
HackerWatch (and all components of their product for privacy leaks).
http://md5.hackerwatch.org
I suspect McAfee is more eager to watch their users than "hackers".
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9195#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs