On Sat, Sep 25, 2010 at 5:04 PM, Mike Perry <mikepe...@fscked.org> wrote:
> ...
>> however, if an attacker has access to read this locally they've
>> already compromised you to a degree that random mac affords no
>> protection...
>
> Is this really true?

yup. for the very few situations it is not true, you've designed a virtual network and client environment with this class of information leakage covered (read: you know what you're doing and what you're defending against :)

> One of the things I've wondered about here is
> plugins, but since Torbutton disables them for other reasons I haven't
> really looked into it.

yes. this is one reason why Torbutton is great regardless of other protections. the list of plug-ins exposing dangerous interfaces / attack surface is about as long as the list of plug-ins for FFox, Chrome only has a prayer as live browser instance (which it does well by the way!). IE, Opera, Safari, most are hopeless.

> For instance, I know Java can create a socket,
> and query the interface properties of that socket to get the interface
> IP. Why not mac address?

yup, and/or upstream router details sufficient to geo locate you, expose public IP endpoint, etc. (like the "how i met your girlfriend" attacks, many others...)

> And if not java, can one of flash,
> silverlight, pdf-javascript, or others do this?

yes.

> Already we have
> location features built in to the browser based on nearby Wifi MACs...

yes. :)

> The Java trick to get the interface IP does not require special privs,
> so a randomized MAC would in fact help this scenario, if it were
> somehow possible.

yes. :P