On Saturday 24 January 2009 17:41, Dennis Nezic wrote: > On Sat, 24 Jan 2009 13:05:41 +0000, Matthew Toseland wrote: > > There have been some question marks over whether it is possible to > > load an image from an external domain and get a callback when it is > > loaded - if so, it may be possible to time fetches of specific sites > > from javascript on an unrelated site. Meaning running a web browser > > on a system with access to fproxy is dangerous. I haven't tested > > this, maybe you'd like to? > > It's a well known attack--"cache timing attacks". Pretty similar to > css-history attacks. And it's also not hard to prevent. (For history > attacks, simply disable history in your freenet profile.) For cache > attacks, simply restrict access to fproxy to a separate freenet user on > your system. (And, of course, do not use that user to surf the > dangerous web--unless, of course, you use a safe browser, like one with > javascript disabled. Javascript is, after all, the root of all > (website) evil.)
The cross-domain rules don't prevent it then? > > Fproxy access can be restricted on a per-user basis very simply with > iptables: > > iptables -A OUTPUT -p tcp --dport 8888 -m owner ! --uid-owner > $FREENETUID -j DROP We have different definitions of easy! This is a good reason IMHO to not include fproxy by default once we have a dedicated browser. And even if we do that, fproxy can still be probed for, just not individual sites... We should also warn about it in the README... -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 827 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/support/attachments/20090124/9390cdd5/attachment.pgp>
