Closed Bug 655367 Opened 14 years ago Closed 14 years ago

fingerprinting installed apps through a timing attack using moz-icon: and WebGL

Categories

(Core :: Security, defect)

Product:
Core
Component:
Security
Platform:
x86
All
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: dveditz, Unassigned)

References

Details

(Keywords: privacy, sec-low, Whiteboard: [fingerprinting])

Attachments

(1 file)

PoC (zipped)
9.52 KB, application/java-archive
Details
Attached file PoC (zipped)
Michael Jordon of Contextis reports that users can be fingerprinted through their installed applications using a timing attack based on moz-icon: and WebGL. Warning: this testcase may result in a crash on Windows (bug 655364)
Will look ASAP... but it's Friday 5:30 pm here.
I assume if we fix the generic cross-origin issue in bug 655987 then access to moz-icon: images should be blocked as a matter of course.
Depends on: CVE-2011-2366
Now that bug 655987 is fixed this doesn't work any more (I checked with bjacob and tested locally). PoC is already public other places.
Group: core-security
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
Keywords: sec-low
Whiteboard: [sg:low] → [fingerprinting]
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: