Thread: Security Warning (CSS Hack)

UPDATE [November 2011] Only Opera is still vulnerable to this hack (latest version of 11.52). All other browsers appear to have been patched and are no longer susceptible. This includes: Internet Explorer 9, FireFox 7, Chrome 15, and Safari 5.

It has come to our attention that certain trackers (what.cd, x264, GFT and Tophos) are utilizing an internet browser exploit to identify and ban T-I members. The vulnerability is caused by some browsers' implementation of Cascading Style Sheets (CSS). This allows trackers to query your computer and identify which sites you have visited, including Torrent-Invites.com.


Is your computer vulnerable?

CSS Hack Test (without JavaScript)
CSS Hack Test (with JavaScript)


What can you do to protect yourself?

OPTION 1 - Disable CSS Visited Links [Firefox Only]

• Type "about:config" in the address bar
• Type "layout.css.visited_links_enabled" in the filter list
• Change the default value of "True" to "False" by double clicking it
• Restart Firefox

OPTION 2 - Disable Browser History [Firefox Only]

• Tools --> Clear Recent History
• Tools --> Options --> uncheck "Remember my browsing history"

OPTION 3 - Use a Different Browser for TI

• e.g. Use Firefox for TI and Internet Explorer for Trackers

OPTION 4 - Temporarily Enable Private Browsing

• [Firefox 3.5] Tools --> Start Private Browsing
• [IE 8] Tools --> InPrivate Browsing
• [Chrome] Press Ctrl+Shift+N (Incognito)
• [Safari] Safari --> Private Browsing
• [Opera] Opera button --> Tabs and Windows --> New Private Tab or Right click the new tab icon (+ symbol) --> New Private Tab

NOTE: You will need re-enable Private Browsing each time you start the browser.


Additional Information:
CSS History Probing Explained
Sniff Browser History Tutorial
BrowserSpy Test Site
StartPanicking Test Site


UPDATES [October 10th, 2009]

UPDATE 1 - HistoryBlock & NoScript Add-ons

• NoScript only works with JavaScript based exploits
• HistoryBlock does not work if you browse both sites at the same time*

*HistoryBlock utilizes the tab closed & download complete addEventListeners to initiate a history wipe. That leaves you exposed if you have both sites open in separate tabs at the same time or open T-I from the same tab without going to an intermediate page first.

UPDATE 2 - Disabling Browser History

• Does not work in IE
• Does not work in Opera
• Does not work in Safari

*Disabling history only works properly in Firefox.

What about the chrome users ?

I guess deleting browsing history will work here too. Correct me if I am wrong.

I like having my history, so i now use noscript, hope i will not get banned for using it !!
Thanks for the tip tough, highly appreciated.

wudnt using one browser of T-I and another for trackers solve this prob...my guess is this might work 100%....with this users can keep their browse history without any fear of others finding out where else we r members of.

just my thots...dont know if it works this way

Originally Posted by bmwxl33

What about the chrome users ?

I guess deleting browsing history will work here too. Correct me if I am wrong.

Disabling history ONLY works properly in Firefox..

Originally Posted by MaaNYaN

wudnt using one browser of T-I and another for trackers solve this prob...

Yes, a separate browser for trackers will also work.

So they have moved up to banning T-I members with this now. Trackers such as GFT (I think) have been using this method to detect cheaters from forums such as SB-I for a while... bit of a shame they're using it on us now. Maybe it's becoming well known.

If you are using mozilla:
First of all, open your history tabs, delete all with keyword torrent-invites.com.
Then install below plugin :
History Blocker
Add *.torrent-invites.com as your blacklist.

Now you can use browser freely, together with history feature. No worries.

Ive tested it. Works wonderfully.
I hope I'm helping out.
Cheers.

Those big private trackers are such meanies :(

...lets DDOS them :D



lol

But seriously: Download noscript set it to global whitelist in settings and find the blacklist exceptions and copy and paste all the URLs of every private tracker you belong too into that blacklist.

I have always found noscript to be a pain in the arse because it blocks everything under the sun under its default global blacklist. Change it to global whitelist so flash and other user friendly stuff isn't killed in the process and block your tracker URLs.

x264 sucks anyway, so it really dont matter either way.

Oh and its only a matter of time before more trackers catch up.