+ Reply to Thread
Page 15 of 15 FirstFirst ... 5131415
Results 211 to 223 of 223

Thread: CSS History Leak and how to prevent it even with enabled history [Firefox & Opera]

  1. #211
    Moderator
    Instab's Avatar
    Join Date
    18.09.09
    Posts
    6,660
    Activity Longevity
    5/20 17/20
    Today Posts
    0/5 sssss6660
    Quote Originally Posted by gu5t3r View Post
    FF12 and IE9 passed all test found in this thread, I güss this leak is fixed and no need to be afraid of running SB-I and trackers in same browser...
    could you tell what options you used? or any special settings, addons and so on?
    Your account has been disabled.
    Reply With QuoteReply With Quote
    Thanks

  2. #212

    Join Date
    07.04.12
    Posts
    157
    Activity Longevity
    0/20 14/20
    Today Posts
    0/5 ssssss157
    No special options, no addons. Just checked latest Chrome, passed all three tests too.

    What the Internet knows about you
    ha.ckers.org/weird/CSS-history.cgi
    Start Panicking!

    If you do this test IP check by JonDoFox, your browser will reveal many information, but latest one Browser history says Protected and on mouseover states "Modern browsers should not be affected by this attack. If you still have an old browser, please update it as soon as posible."
    Explanation: "Your browser either does not store any website history or it does not mark visited web sites. In both cases you are protected."

    I have history entries from year ago so I guess this leak is fixed on newest browser and What.CD or other trackers should not be able to detect that you are running SB-I tab next to theirs.

    If you are paranoid you could just block sb-innovation.de with HistoryBlock addon for FF. Every time after page loads it will remove it from history. There will not be sb-innovation.de entries in history or any other domains you block.

    Quote Originally Posted by Instab View Post
    could you tell what options you used? or any special settings, addons and so on?
    Reply With QuoteReply With Quote
    Thanks

  3. #213

    Join Date
    28.04.11
    Posts
    533
    Activity Longevity
    0/20 16/20
    Today Posts
    0/5 ssssss533
    I hope you're right and those tests are working fine but you should take into account that what.cd's mods are not humans! They are some machines from the future sent back in time to protect their freaking site where only the right ones shall exist. They love w.cd more than their own mothers.
    Reply With QuoteReply With Quote
    Thanks

  4. #214

    Join Date
    07.04.12
    Posts
    157
    Activity Longevity
    0/20 14/20
    Today Posts
    0/5 ssssss157
    OK, you made me paranoid =)
    I added sb-innovation.de domain to HistoryBlock =)
    And I turned off accept third-party cookies so one domain can not access cookies from other.
    If they figure me out I will let you know =)

    Quote Originally Posted by THC View Post
    I hope you're right and those tests are working fine but you should take into account that what.cd's mods are not humans! They are some machines from the future sent back in time to protect their freaking site where only the right ones shall exist. They love w.cd more than their own mothers.
    Reply With QuoteReply With Quote
    Thanks

  5. #215
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    39,386
    Activity Longevity
    11/20 19/20
    Today Posts
    5/5 ssss39386
    Quote Originally Posted by gu5t3r View Post
    And I turned off accept third-party cookies so one domain can not access cookies from other.
    That's not how it works. Sites can never "read" cookies from outside their domains.

    1. I visit example1.com with 3rd party cookies enabled, and an image from adserver.com is loaded. They set a cookie, and of course my browser stores it.
    2. I visit example2.net which has another image from adserver.com. The cookie that was set before is sent to them. Now they know I'm the same visitor as before, and can build a profile of my visits on any site they serve ads on, but they can't read my cookies in any of them - only their own.

    With third-party cookies disabled, the cookie from adserver.com is never set in step 1, and of course they can't read it in step 2 either. Which still makes it a great idea, by all means.
    "I just remembered something that happened a long time ago."
    Reply With QuoteReply With Quote
    Thanks

  6. Who Said Thanks:

    gu5t3r (28.04.12)

  7. #216

    Join Date
    23.03.12
    P2P Client
    utorrent
    Posts
    21
    Activity Longevity
    0/20 14/20
    Today Posts
    0/5 sssssss21

    Banning for using this forum.....

    Hello,

    I remembered browsing this forum and saw a post that some trackers could find out if you're using this forum based on your browsing history and you will be instantly banned, is that true? If yes, what trackers implement that?
    Reply With QuoteReply With Quote
    Thanks

  8. #217
    Moderator
    shoulder's Avatar
    Join Date
    12.04.08
    Location
    I*** D* M*****
    Posts
    4,827
    Activity Longevity
    4/20 19/20
    Today Posts
    0/5 sssss4827
    It is/was true.

    I'm not sure about all browsers, but Firefox fixed the issue.



    ------------------------------>>>>>>>>>> <<<<<<<<<<------------------------------

    Reply With QuoteReply With Quote
    Thanks

  9. Who Said Thanks:

    illusive (25.05.12)

  10. #218
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    39,386
    Activity Longevity
    11/20 19/20
    Today Posts
    5/5 ssss39386
    I remembered browsing this forum and saw a post that some trackers could find out if you're using this forum based on your browsing history and you will be instantly banned, is that true? If yes, what trackers implement that?
    We have an announcement on the BT Talk section and subforums.

    Announcements - BitTorrent Talk
    "I just remembered something that happened a long time ago."
    Reply With QuoteReply With Quote
    Thanks

  11. #219
    Advanced User ParamouR's Avatar
    Join Date
    01.09.10
    Location
    Third Rome
    P2P Client
    µ
    Posts
    773
    Activity Longevity
    0/20 16/20
    Today Posts
    0/5 ssssss773
    This should be relevant : http://www.sb-innovation.de/showthre...threadid=13725

    I understand so far what does!
    Show respect to all people, but grovel to none​


    Reply With QuoteReply With Quote
    Thanks

  12. #220
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    39,386
    Activity Longevity
    11/20 19/20
    Today Posts
    5/5 ssss39386
    I hear whispers setting the "Visited Links State" value to 0 in Opera fixes the leak, and with whispers I mean I verified it myself.
    "I just remembered something that happened a long time ago."
    Reply With QuoteReply With Quote
    Thanks

  13. Who Said Thanks:

    techsupport (29.05.12)

  14. #221

    Join Date
    31.10.17
    Posts
    49
    Activity Longevity
    0/20 8/20
    Today Posts
    0/5 sssssss49
    this is fixed on actual browsers? chrome, firefox? or still i should use another browsers for visit the forum
    Reply With QuoteReply With Quote
    Thanks

  15. #222
    H265's Avatar
    Join Date
    26.05.13
    Location
    Tengoku
    P2P Client
    ¯\_(ツ)_/¯
    Posts
    422
    Activity Longevity
    3/20 13/20
    Today Posts
    0/5 ssssss422
    Quote Originally Posted by axanon1 View Post
    this is fixed on actual browsers? chrome, firefox? or still i should use another browsers for visit the forum
    it's already fixed. No need to use different browsers.
    Reply With QuoteReply With Quote
    Thanks

  16. Who Said Thanks:

    axanon1 (06.11.17)

  17. #223
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    39,386
    Activity Longevity
    11/20 19/20
    Today Posts
    5/5 ssss39386
    Yes, this is already fixed in all major browsers (see gu5ter's posts at the top of this page), so this thread is another monument.

    Special thanks go to KalPenn for being the first to share information about this exploit, and shoulder for taking the initiative to research it thoroughly and share solutions. Back in 2009 I had portable versions of Internet Explorer 7 and Safari I used just for trackers
    "I just remembered something that happened a long time ago."
    Reply With QuoteReply With Quote
    Thanks

+ Reply to Thread
Page 15 of 15 FirstFirst ... 5131415

Tags for this Thread

Posting Permissions

  • You may post new threads
  • You may post replies
  • You may not post attachments
  • You may not edit your posts
  •