Thread replies: 48
Thread images: 4
Thread images: 4
File: IMG_1670.png (4MB, 1932x1932px) Image search:
[Google]
4MB, 1932x1932px
JavaScript 0day being used in the wild right now.
>tfw shitty insecure Firefox codebase
>tfw no sandboxing
>tfw Mozilla can't be fucked enabling basic memory protections and other compiler hardening on their builds
https://lists.torproject.org/pipermail/tor-talk/2016-November/042639.html
>>
>>57761400
>tor
Only pedophiles and terrorists use tor, shit for brains. Kill yourself.
>>
>>57761423
It's a bug in Firefox, not Tor, you illiterate clown.
>>
>>57761400
we told you firefox is trash, but you freecucks didn't listen.
firefox is the most bloated piece of human waste out there, everyone who thinks that it even remotely compares to chrome in speed, has obviously never used chrome.
>>
>>57761400
>kernel32.dll
laffin
>>
>>57761400
I wanna make those exploits for a living.
>>
>Not keeping javascript disabled
>>
File: re-000.jpg (30KB, 456x402px) Image search:
[Google]
30KB, 456x402px
http://arstechnica.com/security/2016/11/firefox-0day-used-against-tor-users-almost-identical-to-one-fbi-used-in-2013/
>There's a zero-day exploit in the wild that's being used to execute malicious code on the computers of people using Tor and possibly other users of the Firefox browser, officials of the anonymity service confirmed Tuesday.
>Word of the previously unknown Firefox vulnerability first surfaced in this post on the official Tor website. It included several hundred lines of JavaScript and an introduction that warned: "This is an [sic] JavaScript exploit actively used against TorBrowser NOW." Tor cofounder Roger Dingledine quickly confirmed the previously unknown vulnerability and said engineers from Mozilla were in the process of developing a patch.
>According to security researchers who analyzed the code, it exploits a memory corruption vulnerability that allows malicious code to be executed on computers running Windows.
>Windows
Oh boy.
>>
>>57761400
it affects windows users only
>>
>>57761441
>This is an Javascript exploit actively used against TorBrowser NOW
>TorBrowser
Try harder, shit for brains.
>>
>>57763396
You can pretend to be retarded, but that doesn't make you less wrong.
>>
>>57761400
>using Tor with JS enabled
why are people this stupid
>>
>>57761446
enjoy your botnet.
>>
>windows
>tor literally comes with noscript
>allowing javascript in the first place
>>
Safari user here, glad this will never affect me
>>
File: torbb1.png (120KB, 1000x971px) Image search:
[Google]
120KB, 1000x971px
>>57763406
>why are people this stupid
Isn't the default for the TorBB to enable scripts globally? Or am I mistaken?
My scripts are disabled globally. But I thought I had done that.
Isn't the pic related a little confusing to casuals?
>>
>>57763539
>casuals can't read
>>
>>57763383
>Tor users can also disable JavaScript, but turning it off goes against the official Tor recommendations.
>>
>>57763539
>Isn't the default for the TorBB to enable scripts globally? Or am I mistaken?
No, that's correct. They leave it enabled on the grounds that "it breaks too many clearnet sites if you turn it off"
also,
>windows
if you can't at least run it in a Linux VM or something you're beyond saving
>>
>>57763605
even if you are there's no grounds for worry. Just disable JS. That's how all the Tor deanonymization exploits have worked.
>>
>>57763562
>but turning it off goes against the official Tor recommendations
wat
Since when did the SJW's compromise Tor this much?
>>
>>57763735
It's not about that. Turning JS off makes you look weird to a web server.
99.9% of computers have JS turned completely on, and if JS was turned off by default, web servers could easily assume that tor users are the ones with JS turned off.
That's why it's the default.
Tor is all about reducing bits of identifiable information.
You should turn JS off though.
>>
>>57763782
...Umm servers can tell if you are using Tor whether you have js enabled or not...
>>
>>57763782
well they can already just check that you're coming from a Tor exit node, can't they?
>>
>>57761400
thank god for noscript
>>57763383
>windows
LMAO
>>
File: Firefox-logo.svg.png (298KB, 500x605px) Image search:
[Google]
298KB, 500x605px
>>
>>57763465
ungoogled chromium, no botnet, objectively better than firecocks at that this point
>>
# emerge sys-apps/firejail
>>
>>57763782
>makes you look weird
Maybe in a negligible way. But the real reason they enable JS by default is because a lot of websites will break if you don't have Javascript. Normies don't wanna deal with that and so they would just immediately give up on the Tor Browser.
The Tor Project decided that it's better to have people use Tor with Javascript than to have nobody use Tor without it.
>>
>>57763923
This nigger is right.
>>
I switched to Google Chrome fulltime after Mozilla's failed promises.
>2 years ago
>FireFox will have multiple processes and sandboxing in 2 years, dont leave anon!!!!
>2 years later (present day)
>FireFox will have multiple processes and sandboxing in 2 years, dont leave anon!!!!
Fuck you Mozilla. I always thought my computer built in 2013 was shit because it lagged on modern websites (responsive websites and html5 and shit) but then I installed Chrome and there was no more lag!
>>
>>57763502
>implying safari isn't cracked within 1 second in cracking (advertising) contests pwn2own.
>>57764715
Even if it's a loonix thing.
>>57764774
It's have e10s, but i totally hate it. The webm player is broken.
>>
>>57763923
>linux command to fix a windows only bug
w-why?
>>
>>57761423
Agent James, you have work to do.
>>
>>57763878
Still botnet. Search for chromium microphone binary black box. Google added code to chromium that downloaded a binary that listened in on your microphone. Chromium is still botnet.
>>
The problem isn't Firefox. JavaScript itself is a virus language similar in danger to Flash and it must be discontinued.
>>
>>57761400
>using javascript on Tor
I thought that shit was disabled by default? WHy would anyone turn it back on?
>>
>>57765037
You shouldn't be using windows in the first place.
>>
>>57766718
I'm not
>>
>>57761423
You are the guy who shilled against "military grade encryption", aren't you?
>>
>>57765160
>Still botnet. Search for chromium microphone binary black box. Google added code to chromium that downloaded a binary that listened in on your microphone. Chromium is still botnet.
What about iron?
>>
>>57761400
Unironically still using the word cuck when 2016 is almost over. It's been a pretty shitty year it's like 2006 again when every fgt was posting YouTube memes except it's not new anymore.
>>
Already fixed in the Nightly master race
OP IS A FAGGOT
>>
>>57768007
What about what now?
>>
>>57768383
srware iron, chromium fork, supposedly maximally de-jewgled
>>
>>57761400
>enabling JS in tor
>using tor on windows
>using windows
If any of these apply to you, you are legally retarded.
>>
>>57768048
>it's nearly 2017 guys, like come on!
Thank you current year man.
>>
>>57764974
On my installs, opening a new tab causes all other tabs to change to a white page with a spinner.
It renders the browser almost unusable.
There are several bugs about it in their tracker but they can't commit to a schedule or change to fix it.
They have more or less written off a supposedly 16% affected rate.
What the fuck is even going on at mozilla these days.
Thread posts: 48
Thread images: 4
Thread images: 4