Microsoft sites expose visitors’ profile info in plain text

Discussion in 'privacy problems' started by Minimalist, Oct 5, 2015.

  1. Minimalist

  2. J_L

    Great, another MITM vulnerability? Or is this something even worse in terms of attack vectors?
     
  3. Minimalist

    Yes, MITM and possible deanonymization for TOR and VPNs.
     
  4. TheWindBringeth

    Uh, would we call this a MITM vulnerability? It seems that a user's unique identifier will appear within a hostname. So it will be exposed to their DNS provider(s) and intermediaries would be able to capture it through ordinary sniffing (unless the user is encrypting DNS traffic). Furthermore, that hostname will also appear in the SNI field during the TLS handshake. So a party between the user and the TLS server would be able to capture it through ordinary sniffing. For purposes of discussion, the sniffing could be done through a passive tap. The sniffing party doesn't actually have to relay, let alone manipulate, any traffic. It only needs to receive a copy.

    The talk about using a captured unique identifier to access some information you shouldn't be able to access doesn't suggest that a MITM is required either.
     
  5. mirimir

    Feh, just typical misuse of GET :eek:

    But the lesson here is to compartmentalize email, website, etc. accounts. Using a given account across multiple communication channels links them. So each communication channel should have its own set of accounts. Don't cross the streams!
     