Firefox certificate cache leaks user information
- Date: Thu, 23 Feb 2017 11:06:05 -0800
- From: Sailfish <NIXCAPSsailfish@xxxxxxxxxxxxxxxxxxxxxxxx>
- Subject: Firefox certificate cache leaks user information
[excerpt quote=\"Firefox's intermediate certificate cache can be tricked into leaking to a deliberately mis-configured server, creating yet-another chance to fingerprint users (including those who think they're protected by Private Browsing).
...The issue has raised a lively discussion at the Mozilla list about the severity of the problem and whether it's fixable. Gervase Markham notes that a useful attack would be non-trivial, while noting however that the authors of the Tor browser might consider disabling caching in their software.
\" /] NOT MY PRIVATE BROWSING PRON, erm, SOCIAL NETWORK, SESSIONS! -- Sailfish Rare Mozilla Stuff: http://tinyurl.com/lcey2ex _______________________________________________ general mailing list general@xxxxxxxxxxxxxxxxx https://lists.mozilla.org/listinfo/general