Any computer, anywhere?

Lee ler762 at gmail.com
Sun Dec 8 14:23:37 UTC 2013


On 12/8/13, Warren Bailey wrote:
>
> http://m.washingtonpost.com/business/technology/2013/12/06/352ba174-5397-11e3-9e2c-e1d01116fd98_story.html
>
> Noticed this tonight.. Not saying the WP is always on target, but what
> software could be installed via a browser on any computer to gather all of
> that data? And how would it be done without the OS speaking up about it? Far
> fetched.. Or do the Firefox / chrome guys have some 'splainin to do?

   "The goal of the software was to gather a range of information — Web sites
     he had visited and indicators of the location of the computer..."
That's available from just the browser - don't need to install any
software on the computer.  Altho if the browser is exploitable
  http://www.wired.com/threatlevel/2013/08/freedom-hosting/
    The malware showed up Sunday morning on multiple websites hosted by the
    anonymous hosting company Freedom Hosting. That would normally be
    considered a blatantly criminal “drive-by” hack attack, but
nobody’s calling in
    the FBI this time. The FBI is the prime suspect.

  https://lists.torproject.org/pipermail/tor-announce/2013-August/000089.html
    To be clear, while the Firefox vulnerability is cross-platform, the
    attack code is Windows-specific.

Regards,
Lee



More information about the NANOG mailing list