Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: Deanonymizing SafeWeb Users
From: "Alexander K. Yezhov" <admin () leader ru>
Date: Fri, 15 Feb 2002 21:04:35 +0300
Following upon the letter of Tuesday, February 12, 2002:

DM> Although  SafeWeb's  Web  anonymizing  service  has been shut down
DM> since  December,  they claimed it was the "most widely used online
DM> privacy service in the world".

I  don't  know  who  is  using the SafeWeb engine now, but before this
service  was  closed  I've  had a chance to make sure that it fails to
catch object manipulations. Tested with simple script:

myObj=new Object(window);
myObj.myMethod = open;
myObj.myMethod('http://tools-on.net');

Best regards, Alexander

-----------------------------------------------------------------------
         MCP+I, MCSE on Windows NT 4, MCSE on Windows 2000
  http://leader.ru http://tools-on.net (Security & Privacy on the Net)
-----------------------------------------------------------------------

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]