|
|
Пишет LWN.net (![[info]](http://lj.rossia.org/img/syndicated.gif){kind=small} syn_lwnheadline)@ 2013-08-05 22:57:00 |
 |
|
 |
|
|
|
|
|
|
 |
|
 |
Attackers wield Firefox exploit to uncloak anonymous Tor users (ars technica)
Ars technica is one of many sites with coverage
of the Firefox exploit that was used to attack the anonymity of Tor
users. "The attack code exploited a memory-management vulnerability,
forcing Firefox to send a unique identifier to a third-party server using a
public IP address that can be linked back to the person's ISP. The exploit
contained several hallmarks of professional malware development, including
'heap spraying' techniques to bypass Windows security protections and the
loading of executable code that prompted compromised machines to send the
identifying information to a server located in Virginia, according to an
analysis by researcher Vlad Tsrklevich."
Ars technica is one of many sites with coverage
of the Firefox exploit that was used to attack the anonymity of Tor
users. "The attack code exploited a memory-management vulnerability,
forcing Firefox to send a unique identifier to a third-party server using a
public IP address that can be linked back to the person's ISP. The exploit
contained several hallmarks of professional malware development, including
'heap spraying' techniques to bypass Windows security protections and the
loading of executable code that prompted compromised machines to send the
identifying information to a server located in Virginia, according to an
analysis by researcher Vlad Tsrklevich."
