Custom Query (24198 matches)

Filters
 
Or
 
  
 
Columns

Show under each result:


Results (49 - 51 of 24198)

Ticket Resolution Summary Owner Reporter
#1115 fixed jqnotify.exe starting with tbb-firefox.exe phobos Sandy
Description

Java Quick Starter...

When Tor Browser Bundle starts and tbb-firefox.exe loads, tbb-firefox.exe scans the host registry for installed Add-Ons at the following locations[1]:

HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\

HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\

If Java Plantform is installed on the host system it writes a registry value to one, or both, of those of those keys. The registry value is the plugin "Java Quick Starter", and the value is named "jq@…". The hard path to the file is "C:\Program Files\Java\jre6\lib\deploy\jqs\ff".

Those two registry keys have been vectors for malware attacks to firefox via. add-ons in the past[1]...

Using the Sysinternals application "Process Explorer" one can watch in real-time as the file "jqnotify.exe" is called by tbb-firefox.exe. One needs to pay attention, because it loads and then closes in a second or two. I apply this setting in Process Explorer "View > Show New Process" so each new process called gets a highlighted color, makes seeing the files sudden appearance easier. I am unsure how far back this has been a problem with Java Platform, version wise. But it's been a problem for while at least.

When I start TBB in a sandbox I used to get errors about "jsnotify.exe" trying to access the "internet". Well, if I am correct, and I could be wrong, jsnotify.exe doesn't connect to the internet, but does try to access the pipe "\Device\Afd\Endpoint". That is when it hits the sandbox walls facing the internet.

To fix this I just prevent any application within the sandbox from reading those two keys. Maybe someone can hack the firefoxportable which ships with TBB so it won't read those two keys? That seems like a good solution, though I have no idea if it's 'hard' to accomplish or not.

From what Phobos said last night, TBB currently disables the "Java Quick Starter" Add-On in firefoxportable. But, uninstalling the Add-On is not possible, it's always grayed out. That is a trick by Java Platform to prevent the removal of their Add-On. If a user wants to remove the Add-On from their registry all they do is delete the value "js@…" and then configure the Java GUI to not load Java Quick Starter. OTOH, simply deleting the registry value "js@…" might be enough, I'll try to see if I can get Java to reinstall the Add-On into my registry and play with it a bit more.

Here are some relevant threads from Mozilla and other pieces of background info, etc:

http://support.mozilla.com/tiki-view_forum_thread.php?locale=lt&comments_parentId=362460&forumId=1

http://forums.mozillazine.org/viewtopic.php?f=38&t=921325&sid=515e4e29b64ba8c12e52c5ce15504d40

Good forum post with registry info on removing the Java Add-on: http://forums.mozillazine.org/viewtopic.php?p=4837715#p4837715

[1] http://kb.mozillazine.org/Uninstalling_add-ons#Windows_Registry_extension

Contact me at IRC if you need more info. I should be around the next few days at least.

[Automatically added by flyspray2trac: Operating System: Windows 2k/XP]

#1117 fixed bridge authorities mark every bridge stable+guard sysrqb arma
Description

Tonga lists every bridge as Stable and Guard.

Nick suggests this is because "bridge authorities don't count a bridge as having Failed for MTBF purposes when they find it to be non-Running"

[Automatically added by flyspray2trac: Operating System: All]

#1121 fixed reason unexpected while uploading descriptor dragonfly
Description

Hi,

since i upgraded my relay to 0.2.2.5-alpha i am getting these warn message below.

Oct 12 13:15:10.985 [notice] Bootstrapped 90%: Establishing a Tor circuit. Oct 12 13:15:18.207 [notice] Tor has successfully opened a circuit. Looks like client functionality is working. Oct 12 13:15:18.207 [notice] Bootstrapped 100%: Done. Oct 12 13:16:09.666 [warn] http status 404 ("Not Found") reason unexpected while uploading descriptor to server '194.109.206.212:80'). Oct 12 13:16:17.277 [notice] Self-testing indicates your DirPort is reachable from the outside. Excellent. Oct 12 13:16:18.508 [notice] Performing bandwidth self-test...done. Oct 12 13:17:10.924 [warn] http status 404 ("Not Found") reason unexpected while uploading descriptor to server '194.109.206.212:80'). Oct 12 13:23:16.169 [warn] http status 404 ("Not Found") reason unexpected while uploading descriptor to server '194.109.206.212:80').

Some kind of new bug?

[Automatically added by flyspray2trac: Operating System: Other Linux]

Note: See TracQuery for help on using queries.