[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Freedom Hosting Owner Arrested, Tormail Compromised, Malicious JS Discovered

To: Rich Jones <[email protected]>
Subject: Freedom Hosting Owner Arrested, Tormail Compromised, Malicious JS Discovered
From: [email protected] (Riad S. Wahby)
Date: Sun, 4 Aug 2013 16:26:45 -0400
Cc: [email protected]
In-reply-to: <CADJYzxLAUnD0h4i74WQnUOXR0EVMUbEkN8mX7BugatEnuOn6cw@mail.gmail.com>
References: <CADJYzxLAUnD0h4i74WQnUOXR0EVMUbEkN8mX7BugatEnuOn6cw@mail.gmail.com>

Rich Jones <[email protected]> wrote:
> https://openwatch.net/i/200/anonymous-web-host-freedom-hosting-owner-arrested

A more detailed analysis of what's going on with the JS exploit:
    http://www.twitlonger.com/show/n_1rlo0uu

Hits a vulnerability in the FF17 Javascript implementation. Notable
because FF17 is the long-term support version, and it's the one included
in the TOR bundle (though JS is off by default in the bundle).

This business with the FBI spraying JS hijacks around the web is more
than a little troubling. Is this the first widely-publicized case of the
feds indiscriminately deploying an exploit on this scale?

-=rsw

References:
- Freedom Hosting Owner Arrested, Tormail Compromised, Malicious JS Discovered
  - From: [email protected] (Rich Jones)

Prev by Date: Urea at NSA Utah Data Center
Next by Date: [zfs-discuss] Harddisk hacking - gain root in some bisare way
Previous by thread: Freedom Hosting Owner Arrested, Tormail Compromised, Malicious JS Discovered
Next by thread: Freedom Hosting Owner Arrested, Tormail Compromised, Malicious JS Discovered
Index(es):
- Date
- Thread