DEV Community

Discussion on: The Meltdown of the Web.

 
defel

Ok, it seems that we have a different understanding of the terms attack and exploit.

First PoC: Updating my /etc/hosts to allow bad script doing bad things? Nope.

Second PoC: Just did not get it working.

Yes, there were several cases in the past. Get the link-color of visited links in CSS, using CSS3 transparency to get your Facebook profile name ... just to name a few.

All of them were handled as serious bugs and got fixed fast.

So, if you have a bug and you can demonstrate it, nice. If you want to discuss things, then I think here is the right place I guess.

After writing this: I still have a different opinion on this topic and think it's wrong to blame Mozilla. They have often proved in the past that they value privacy and security.

Giacomo Tesio • Edited

> First PoC: Updating my /etc/hosts to allow bad script doing bad things? Nope.

Yes, we have a very different understanding of network security.

Do you know what DNS rebinding is?

I hope Mozilla know them.
Actually I hope Mozilla developers can deduce at least all the attacks I can conceive from the description I wrote in the bug report.

> Second PoC: Just did not get it working.

The fact that it does not work on your specific machine/network doesn't mean much.

It's a proof-of-concept. It works. Tweak it a little.

Rain1 even explained carefully how it works.

> After writing this: I still have a different opinion on this topic and think it's wrong to blame Mozilla. They have often proved in the past that they value privacy and security.

As I wrote in the thread suggested by Mozilla to discuss the issue (now censored on Lobste.rs) I used to trust them too.

But I do not trust them anymore. That's just empty marketing.

To prove me wrong, to prove they deserve the trust of their users, there's just one thing they have to do: tell everybody the answer to this question:

Are Firefox users vulnerable to the wide class of attacks described in that bug report?

People deserve the same answer from Google, Microsoft and Apple, but at least they do not blether that they care about users' privacy.

Arne Babenhauserheide • Edited

Exactly this vulnerability is why we try to get Freenet users to use Freenet as a proxy with random local IP (127.x.y.z) and PORT.

That way an attacker needs roughly 200 billion requests on average to find the local service (using only 5001..32000 as ports, because they are sure not to be ephemeral).

See d6.gnutella2.info/freenet/USK@sUm3...
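
The randomized local endpoint described in the comment above, as an added sketch that is not part of the original thread and not Freenet's own code: it draws a 127.x.y.z address and a port in 5001..32000 from a CSPRNG and computes the average number of probes needed to find it. The function names and the exclusion of 127.0.0.0, 127.0.0.1 and 127.255.255.255 are assumptions of this example.

```python
import ipaddress
import secrets

# Port range from the comment: 5001..32000, below the usual ephemeral ranges.
PORT_MIN, PORT_MAX = 5001, 32000
LOOPBACK = ipaddress.ip_network("127.0.0.0/8")
# Assumption of this sketch: skip the network and broadcast addresses and the
# default 127.0.0.1, which is the first address anyone would probe.
EXCLUDED = {
    LOOPBACK.network_address,
    LOOPBACK.broadcast_address,
    ipaddress.ip_address("127.0.0.1"),
}


def search_space() -> int:
    """Number of (address, port) pairs a scanner has to consider."""
    ports = PORT_MAX - PORT_MIN + 1
    return (LOOPBACK.num_addresses - len(EXCLUDED)) * ports


def expected_probes() -> float:
    """Average probes to hit one uniformly chosen endpoint, scanning without repeats."""
    return (search_space() + 1) / 2


def pick_endpoint() -> tuple[str, int]:
    """Draw a loopback address and port uniformly from the allowed space."""
    while True:
        host = LOOPBACK.network_address + secrets.randbelow(LOOPBACK.num_addresses)
        if host not in EXCLUDED:
            break
    port = PORT_MIN + secrets.randbelow(PORT_MAX - PORT_MIN + 1)
    return str(host), port


if __name__ == "__main__":
    host, port = pick_endpoint()
    print(f"bind the local proxy to {host}:{port}")
    print(f"search space: {search_space():,} endpoints")
    print(f"expected probes to find it: {expected_probes():,.0f}")
```

On Linux the whole 127.0.0.0/8 block is answered by the loopback interface by default; on other systems the chosen address may first have to be added to it.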