Details about zero-day vulnerability in Tor Browser 7.x published on Twitter by security company:
– full bypass of the "Safest" security level of the NoScript extension
– allows malicious code to run inside the Tor Browser
– Tor Browser 8.x is not affected
– update to NoScript "Classic" version 188.8.131.52 / Tor Browser 8.x
browsers were a mistake
@infosechandbook Maybe TOR replacement should just mirror a whole bunch and whittle it down to a clean subset of html, or to data and not even use a browser.
Never believed that eyeball thing, it depends on the number of eyeballs, how good they look, how much they have to surveil.
mastodon.at is a microblogging site that federates with most instances on the Fediverse.