Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled

From: nixlists <nixmlists () gmail com>
Date: Tue, 15 Dec 2009 23:11:10 +0000
On Tue, Dec 15, 2009 at 9:39 PM, Dan Kaminsky <dan () doxpara com> wrote:

Nix,

   Proxies are not a security technology in the way you think they are.


They're not, but many still use the browsers' proxy features hoping
for more anonymity and avoidance of data sniffing. Most users are not
security experts. They are not able or are not allowed to use VPNs and
such.


leaks.  Playing whack-a-mole at the application layer is ultimately
pointless.  If you want to prevent network traffic from leaking, you really
need full access to all traffic.


It's pointless from the viewpoint of a security expert, not an
everyday computer user that uses these features thinking it's harder
to sniff traffic. Application bugs like this still need to be
disclosed and fixed. No?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: