On Tue, Mar 27, 2018 at 05:43:15PM -0400, taii...@gmx.com wrote:
> https://www.theregister.co.uk/2018/03/20/mozilla_firefox_test_of_privacy_mechanism_prompts_privacy_worries/
>
> Mozilla sucks these days - they pay zero attention to the issue of
> browser fingerprinting and keep sending users data to other parties via
> bogus "opt out" "research" studies.
>
> "Oh but you can opt-out"
> Assuming you even know about it in the first place - and what? you need
> to opt-out of probably thousands of bad things in your life which makes
> such a policy absolute bullshit.
The only saving grace is that they do this tracking on a test group. On the
other hand, Chromium saves both the URL and refer[r]er of every downloaded
file using an user-namespace xattr, a little-known feature implemented by
most filesystems (not tmpfs, if you use /tmp for testing :p). Even in its
"incognito mode" that's not supposed to log anything.
Note that no tool displays the presence of user-namespace xattrs during
normal use, and to specifically query them, you need a tool that's not
installed by default (either getfattr from package "attr" or xattr from
package by that name).
Usually, when you hear about xattrs, it's because of file capabilities or
selinux labels, that's why most file manipulation programs either copy
xattrs by default or can be told to do so. If you don't know what I'm
talking about, run: 「getcap -r /bin /sbin /usr」 (it's a safer version of
the setuid bit that grants only limited capabilities, so if someone suborns
eg. /bin/ping, the attacker obtains only use of raw sockets instead of full
root escalation). For this reason, most sysadmins are told to give -X to
rsync.
Some tools copy xattrs, some don't:
* cp doesn't unless you say --preserve=xattr
* mv does
* rsync only with -X (but it's needed for caps)
* mc doesn't
* tar saves but doesn't restore unless with --xattrs (and you can
--xattrs-exclude='^user.')
Obviously though, lack of such support doesn't help if you save the file
directly to its final destination, which you usually do.
Support in filesystem varies:
* ext{2,3,4}, xfs, btrfs, reiserfs, f2fs, ..., do
* tmpfs doesn't
* vfat doesn't on Linux but (reportedly) does on Windows
* ntfs does
Usually you can mount -o nouser_xattr, which is wrongly documented as being
reiserfs specific (which shows how widespread knowledge of this is...); alas
this doesn't include btrfs which doesn't support nouser_xattr. I guess
someone should implement it...
The only other tool that logs the URL and (on recursive downloads)
refer[r]er this way is wget, which got patched by Sean Burford (a Google
employee) at the same time when this misfeature landed in Chrom{e,ium}.
More interesting is the timing between this addition and the DNC hack, where
the files are known to have been saved to an USB pen drive. This would
explain the weird inclusion of refer[r]er, which has no obvious legitimate
use but would often leak who downloaded the file (if a session was
identified as an argument to the URL rather than a cookie).
Most of us don't run around hacking a ruling party for a sinister russian
agency -- but you do carry a phone, which get routinely seized, searched, or
possibly even remotely accessed. Thus, if you have any files whose origin
you'd prefer to stay private...
Meow!
--
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ A dumb species has no way to open a tuna can.
⢿⡄⠘⠷⠚⠋⠀ A smart species invents a can opener.
⠈⠳⣄⠀⠀⠀⠀ A master species delegates.
_______________________________________________
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
