| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAEGH4AaCcZpTrqMZeq=p-=vt-5rm_ff28EOxNwFoK_rBsNi28g@mail.gmail.com> Date: Mon, 13 May 2019 21:39:51 +0545 From: Bipin Gautam <bipin.gautam@...il.com> To: fulldisclosure@...lists.org Subject: [FD] TOR browser / Firefox telemetry data POC: tl;dr run just Firefox browser / TOR and just nothing and tcpdump the computing device / network firewall BLOCK all IP/A names, gradually... that shows up in tcpdump when you do not using firefox but it connects automatically (if you block something firefox hops to something else, 3-5+ times ) QUICK FIX: in address bar: about:config >>> then search for string: org com mozilla firefox google ...? to start with : almost all... the url string that shows up in the above search, should be removed in TOR and firefox browser or left to minimum --- after you fix it : see no activity in tcpdump when firefox is idle Does everyone use their own customized OS/s now ? Recommendation : firefox being a OSS browser, should create a master switch for ... . The corporate / world is going in the opposite direction, everyone want a piece of everything android/iOS seems as new windows 3.1 and then malware/RAT as now - games, apps, android, in every computing device, every app. _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists