As far as exploit techniques, this is a routine UAF that heap sprays a controlled object to kick off a ROP chain. Pwn2Own 2012-level tech.
-
-
Consider the difficulty of running a Tor exit node that injects this exploit into every HTTP session. ¯\_(ツ)_/¯
-
The story here is that there is no story. Software is buggy, 0days exist. Stop obsessing over single vulnerabilities. It's 2016, move fwd.
-
This is unlikely to work. All past info says LE exploits only run for very specific logged in users. https://twitter.com/csoghoian/status/803958781948338176 …
This Tweet is unavailable.
End of conversation
New conversation -
-
-
Don't worry guys. Just run a Tor cluster and use it as an HTTP proxy in a normal browser. Forget the Tor browser package. Also Linux
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
whonix + chrome probably a better bet imo. Better separation between router to open internet and client. Much harder to leak info.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Would a Tor browser bundle based on Chromium instead of Firefox be a good idea?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.