It has come to our attention that certain trackers, including x264, are utilizing an internet browser exploit to identify and ban TI members. The vulnerability is caused by some browsers' implementation of Cascading Style Sheets (CSS). This allows trackers to query your computer and identify which sites you belong to, including Torrent-Invites.com.


Is your computer vulnerable?

CSS Hack Test (without JavaScript)
CSS Hack Test (with JavaScript)


What can you do to protect yourself?

OPTION 1 - Disable CSS Visited Links [Firefox Only]

• Type "about:config" in the address bar
• Type "layout.css.visited_links_enabled" in the filter list
• Change the default value of "True" to "False" by double clicking it
• Restart Firefox

OPTION 2 - Disable Browser History [Firefox Only]

• Tools --> Clear Recent History
• Tools --> Options --> uncheck "Remember my browsing history"

OPTION 3 - Use a Different Browser for TI

• e.g. Use Firefox for TI and Internet Explorer for Trackers

OPTION 4 - Temporarily Enable Private Browsing

• [Firefox 3.5] Tools --> Start Private Browsing
• [IE 8] Tools --> InPrivate Browsing
• [Chrome] Press Ctrl+Shift+N (Incognito)
• [Safari] Safari --> Private Browsing
• [Opera] Does NOT have a Private Browsing option.

NOTE: You will need re-enable Private Browsing each time you start the browser.


Additional Information:
CSS History Probing Explained
Sniff Browser History Tutorial
BrowserSpy Test Site
StartPanicking Test Site


UPDATES [October 10th]

UPDATE 1 - HistoryBlock & NoScript Add-ons

• NoScript only works with JavaScript based exploits
• HistoryBlock does not work if you browse both sites at the same time*

*HistoryBlock utilizes the tab closed & download complete addEventListeners to initiate a history wipe. That leaves you exposed if you have both sites open in separate tabs at the same time or open TI from the same tab without going to an intermediate page first.

UPDATE 2 - Disabling Browser History

• Does not work in IE
• Does not work in Opera
• Does not work in Safari

*Disabling history only works properly in Firefox.

What about the chrome users ?

I guess deleting browsing history will work here too. Correct me if I am wrong.

I like having my history, so i now use noscript, hope i will not get banned for using it !!
Thanks for the tip tough, highly appreciated.

wudnt using one browser of T-I and another for trackers solve this prob...my guess is this might work 100%....with this users can keep their browse history without any fear of others finding out where else we r members of.

just my thots...dont know if it works this way

Disabling history ONLY works properly in Firefox..


Yes, a separate browser for trackers will also work.

So they have moved up to banning T-I members with this now. Trackers such as GFT (I think) have been using this method to detect cheaters from forums such as SB-I for a while... bit of a shame they're using it on us now. Maybe it's becoming well known.

__________________
A mythical creature hunted since the beginning of time. Some say he is just a legend, others believe he is an immortal living among us. His face seen only by those whose lives he has spared. He is hunted by the governments of this world for bringing upon them death and destruction! Part human, part god, he is The Exalted!

If you are using mozilla:
First of all, open your history tabs, delete all with keyword torrent-invites.com.
Then install below plugin :
History Blocker
Add *.torrent-invites.com as your blacklist.

Now you can use browser freely, together with history feature. No worries.

Ive tested it. Works wonderfully.
I hope I'm helping out.
Cheers.

__________________
My big THANKS to: Pascualito, goover, konVILEeuted, smtsh, Knievel and The-Deh

Those big private trackers are such meanies :(

...lets DDOS them :D



lol

But seriously: Download noscript set it to global whitelist in settings and find the blacklist exceptions and copy and paste all the URLs of every private tracker you belong too into that blacklist.

I have always found noscript to be a pain in the arse because it blocks everything under the sun under its default global blacklist. Change it to global whitelist so flash and other user friendly stuff isn't killed in the process and block your tracker URLs.

x264 sucks anyway, so it really dont matter either way.

Oh and its only a matter of time before more trackers catch up.

This vulnerability that allows trackers to query my computer and identify which sites I belong to works only with Browser History or it also checks my cookies ?
Should I delete all my saved cookies ?