📰 2026-04-23 04:30 更新
🔸 We found a stable Firefox identifier linking all your private Tor identities / 我们找到了一个稳定的Firefox标识符,可链接您所有的私人Tor身份
🔗 We found a stable Firefox identifier linking all your private Tor identities
🔥 130 points
原文:
We recently discovered a privacy vulnerability affecting all Firefox-based browsers. The issue allows websites to derive a unique, deterministic, and stable process-lifetime identifier from the order of entries returned by IndexedDB, even in contexts where users expect stronger isolation. This means a website can create a set of IndexedDB databases, inspect the returned ordering, and use that ordering as a fingerprint for the running browser process. Because the behavior is process-scoped rat…
译文:
我们最近发现了一个影响所有基于Firefox的浏览器的隐私漏洞。该问题允许网站从IndexedDB返回的条目顺序中导出唯一、确定性和稳定的进程生命周期标识符,即使在用户期望更强隔离的上下文中也是如此。这意味着网站可以创建一组IndexedDB数据库,检查返回的排序,并将该排序用作正在运行的浏览器进程的指纹 因为行为是过程范围的RAT…
自动更新 · 正文抓取 · 双语翻译