+ Reply to Thread
Page 2 of 15 FirstFirst 123412 ... LastLast
Results 16 to 30 of 223

Thread: CSS History Leak and how to prevent it even with enabled history [Firefox & Opera]

  1. #16

    Join Date
    07.08.08
    Posts
    205
    Activity Longevity
    0/20 19/20
    Today Posts
    0/5 ssssss205
    Quote Originally Posted by Haggar View Post
    Hi, tried both versions of that page script to detect my firefox history, but nothing was found, i never clean my browser's history, must be because i'm behind a router. So if that page can't detect my history maybe trackers can't either.
    Unless you've got some fancy scripts installed to your router to filter webpages on the fly, that really shouldn't have anything to do with it.
    Reply With QuoteReply With Quote
    Thanks

  2. #17

    Join Date
    20.04.09
    Posts
    154
    Activity Longevity
    0/20 18/20
    Today Posts
    0/5 ssssss154
    Ok so the router has nothing to do with that, well just in case i always use opera for trackers and firefox for the rest.
    Reply With QuoteReply With Quote
    Thanks

  3. #18
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    39,386
    Activity Longevity
    11/20 19/20
    Today Posts
    5/5 ssss39386
    Yes, the router shouldn't have anything to do with it. The JS leak requires JavaScript, so if you have NoScript installed, it may have blocked it, but the "no JS" one doesn't. History disabled or you didn't visit any site listed on the hidden links, perhaps?
    "I just remembered something that happened a long time ago."
    Reply With QuoteReply With Quote
    Thanks

  4. #19
    Moderator
    shoulder's Avatar
    Join Date
    12.04.08
    Location
    I*** D* M*****
    Posts
    4,827
    Activity Longevity
    4/20 19/20
    Today Posts
    0/5 sssss4827
    I don't think so as the list includes sites as Google and Wikipedia, I'm pretty sure everyone has at least visited one of them once.



    ------------------------------>>>>>>>>>> <<<<<<<<<<------------------------------

    Reply With QuoteReply With Quote
    Thanks

  5. #20
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    39,386
    Activity Longevity
    11/20 19/20
    Today Posts
    5/5 ssss39386
    And YouTube, and Facebook... stupid me

    At least SB-I isn't in the list
    "I just remembered something that happened a long time ago."
    Reply With QuoteReply With Quote
    Thanks

  6. #21

    Join Date
    10.06.09
    Location
    Bangkok
    P2P Client
    utorrent
    Posts
    1
    Activity Longevity
    0/20 18/20
    Today Posts
    0/5 ssssssss1
    Is this safe, If I open SBI with firefox and open tracker with Opera?
    Reply With QuoteReply With Quote
    Thanks

  7. #22

    Join Date
    30.12.08
    Location
    House
    P2P Client
    utorrent
    Posts
    555
    Activity Longevity
    0/20 18/20
    Today Posts
    0/5 ssssss555
    Now, I must enter this php code to C:\Documents and Settings\XXXX\Application Data\Mozilla\Firefox\Profiles\XXX.default\chrome or not?
    And I have NoScript addon and I should to forbid sb-i from the addon right or must be globally ?

    Later Edit: After adding this php code can I use history safely ?
    Last edited by atlantis; 15.07.09 at 13:24.
    Reply With QuoteReply With Quote
    Thanks

  8. #23

    Join Date
    11.07.09
    Posts
    10
    Activity Longevity
    0/20 18/20
    Today Posts
    0/5 sssssss10
    Quote Originally Posted by atlantis View Post
    Now, can I must enter this php code to Cocuments and SettingsXXXXApplication DataMozillaFirefoxProfilesXXX.defaultchrome or not?
    And I have NoScript addon and I should to forbid sb-i from the addon right or must be globally ?
    well as far as i understood the scripts on the tracker pages are the problem , right ?
    i myself use noscript too, but for some trackers you need it enabled in order to use the menu or to click some buttons...

    edit:
    oh and thanks OP for the tutorial, will surely implement it. i'm already pretty careful and am using different profiles in FF for almost everything
    Last edited by cooper; 15.07.09 at 13:13. Reason: reason
    Reply With QuoteReply With Quote
    Thanks

  9. #24
    Advanced User alpacino's Avatar
    Join Date
    19.03.09
    Location
    locked in Alchemilla Hospital
    P2P Client
    none, just the toolz
    Posts
    2,059
    Activity Longevity
    5/20 18/20
    Today Posts
    1/5 sssss2059
    Quote Originally Posted by net1 View Post
    Is this safe, If I open SBI with firefox and open tracker with Opera?
    Yes, if you are careful and never mix them, you should be safe.
    it's hip to be square
    Reply With QuoteReply With Quote
    Thanks

  10. Who Said Thanks:

    Vuze-Sbi (11.06.10)

  11. #25
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    39,386
    Activity Longevity
    11/20 19/20
    Today Posts
    5/5 ssss39386
    Quote Originally Posted by atlantis View Post
    Now, I must enter this php code to Cocuments and SettingsXXXXApplication DataMozillaFirefoxProfilesXXX.defaultchrome or not?
    And I have NoScript addon and I should to forbid sb-i from the addon right or must be globally ?

    Later Edit: After adding this php code can I use history safely ?
    Reread the tutorial. You need to type the code inside userContent.css.

    NoScript is to avoid the other "flavor" of leak, the JS one. Just install it and it should automatically ensure harmful scripts aren't run.

    You can leave History enabled after applying this tweak.
    "I just remembered something that happened a long time ago."
    Reply With QuoteReply With Quote
    Thanks

  12. #26

    Join Date
    30.12.08
    Location
    House
    P2P Client
    utorrent
    Posts
    555
    Activity Longevity
    0/20 18/20
    Today Posts
    0/5 ssssss555
    Quote Originally Posted by anon View Post
    Reread the tutorial. You need to type the code inside userContent.css.

    NoScript is to avoid the other "flavor" of leak, the JS one. Just install it and it should automatically ensure harmful scripts aren't run.

    You can leave History enabled after applying this tweak.
    Yes I typed this code inside in userContent.css and for some trakers I must enable java on noscript bcz it's impossible to browse. And with userContent.css and noscript can I use same browser on sb-i and x264 now with forbiding on noscript for x264 ?
    Last edited by atlantis; 15.07.09 at 19:12.
    Reply With QuoteReply With Quote
    Thanks

  13. #27
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    39,386
    Activity Longevity
    11/20 19/20
    Today Posts
    5/5 ssss39386
    And with userContent.css and noscript can I use same browser on sb-i and x264 now with forbiding on noscript for x264 ?
    Yes, considering you're no longer vulnerable to the NoJS leak, and NoScript is blocking an malicious script from x264, you should be safe.
    "I just remembered something that happened a long time ago."
    Reply With QuoteReply With Quote
    Thanks

  14. Who Said Thanks:

    atlantis (15.07.09)

  15. #28
    Advanced User alpacino's Avatar
    Join Date
    19.03.09
    Location
    locked in Alchemilla Hospital
    P2P Client
    none, just the toolz
    Posts
    2,059
    Activity Longevity
    5/20 18/20
    Today Posts
    1/5 sssss2059
    I have a question: where exactly should the userContent.css be created? Because I have two subfolders called "chrome"
    C:Arquivos de ProgramasMozilla Firefoxdefaultsprofilechrome
    and
    Cocuments and SettingsmynameDados de aplicativosMozillaFirefoxProfiless6efij3m.defaultc hrome
    Both have two files userContent-example.css and userChrome-example.css
    Last edited by alpacino; 15.07.09 at 19:51.
    it's hip to be square
    Reply With QuoteReply With Quote
    Thanks

  16. #29
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    39,386
    Activity Longevity
    11/20 19/20
    Today Posts
    5/5 ssss39386
    Because I have two subfolders called "chrome"
    The second one
    "I just remembered something that happened a long time ago."
    Reply With QuoteReply With Quote
    Thanks

  17. Who Said Thanks:

    alpacino (15.07.09)

  18. #30

    Join Date
    30.12.08
    Location
    House
    P2P Client
    utorrent
    Posts
    555
    Activity Longevity
    0/20 18/20
    Today Posts
    0/5 ssssss555
    I put this command on both of them. And in the second one have some things like that ( /* Begin - Smart Bookmarks Bar CSS Imports */
    @import url("chrome://smartbookmarksbar/skin/global/base.css") ).This can be a problem ?
    Reply With QuoteReply With Quote
    Thanks

+ Reply to Thread
Page 2 of 15 FirstFirst 123412 ... LastLast

Tags for this Thread

Posting Permissions

  • You may post new threads
  • You may post replies
  • You may not post attachments
  • You may not edit your posts
  •