SoylentNews

MrPlow writes:

Submitted via IRC for TheMightyBuzzard

Digital Rights Management (DRM)-protected media files can be used to reveal Tor Browser users' actual IP address and therefore possibly reveal their identity, HackerHouse researchers have demonstrated.

[...] Attackers who want to uncloak Windows users can encode a file and make it so that the authorization URL points to a page controlled by the attackers.

But, if they want the downloading and opening of the file to be performed without a security alert and the target having to approve the action, they must make sure that the DRM license has been signed correctly, and the Digital Signature Object, Content Encryption Object and Extended Content Encryption Object contain the appropriate cryptographic signing performed by an authorised Microsoft License Server profile.

"The objects are used with a Microsoft license server, configured via a DRM profile, when encoding objects using an SDK," the researchers explained.

[...] The researchers made sure to point out that this attack is limited to Windows users who run Tor Browser, and that it does not take advantage of a vulnerability in the actual browser. "TorBrowser does warn you that 3rd party files can expose your IP address and should be accessed in Tails," they noted.

Source: https://www.helpnetsecurity.com/2017/02/03/uncloaking-tor-browser-users-drm-protected-files/

Original Submission