No, "Mozilla" (I assume you mean "Firefox") wasn't used to insert anything into any servers. It is the other way around. Someone had an exploit on the servers that could be used to exploit older versions of the ESR17 branch of Firefox, which the Tor Browser Bundle uses. (ESR is the "Extended Support Release" and ESR17 is Firefox 17 + important security updates since 17 was shipped. ESR is meant for corporate users and others who want longterm stability but security fixes as well.)
-- Al Billings http://makehacklearn.org On Monday, August 5, 2013 at 4:00 PM, Shava Nerad wrote: > So, essentially, Mozilla was used as the Trojan Horse to insert the payload > into the servers. It wouldn't have made a difference at all if they were > hidden or not, only that they were using web services and allowing any > version of Mozilla to attach.
-- Liberationtech list is public and archives are searchable on Google. Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
