[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #11096 [Applications/Tor Browser]: Randomize MAC address before start of Tor
#11096: Randomize MAC address before start of Tor
--------------------------------------+--------------------------
Reporter: csoghoian | Owner: tbb-team
Type: enhancement | Status: assigned
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: tbb-security | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------------+--------------------------
Comment (by cypherpunks):
Replying to [comment:5 bugzilla]:
> Meaningful part of this ticket is
> > TBB exploits
> So, propose renaming it to something like "Investigate methods of
hardening of Firefox to prevent MAC stealing".
This is not too difficult. A MAC address is obtained by using either an
IOCTL (SIOCGIFHWADDR), or the NETLINK protocol (AF_NETLINK). Just blocking
those syscalls when that argument is used should be sufficient, assuming
other more obvious issues like arbitrary filesystem access or the ability
to bypass Tor to phone home is mitigated.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11096#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs