TrackMeNot leaks

Hi malware fighters,

As dk70 demonstrated, several extensions in FF or Flock have memory leaks. Some install the TrackMeNot search-query obfugation privacy tool. Leak for version 3.0. see here:

Leaks in window 0x1900190:
[+] [leaked object] (2f94290, chrome://trackmenot/content/trackmenot.js, 405-441) = function () {
try {
if (req.readyState == 4) {
if (req.status != 200) {
gTrackMeNot.log(“[WARN] Loading " + query + " | " + req.status + “:” + req.statusText);
} else {
gTrackMeNot.log(”[QUERY] engine=" + engine + " | query=‘" + term + "’ | " + req.status);
if (gTrackMeNot.enabled) {
gTrackMeNot.setStatus(gTrackMeNot.showQueries ? (“'” + term + “'”) : “ON”);
gTrackMeNot.scheduleNextSearch(gTrackMeNot.timeout);
} else {
gTrackMeNot.setStatus(“OFF”);
}
}
}
} catch (ex) {
gTrackMeNot.cout("ERROR: " + ex.message);
gTrackMeNot.log(“ERROR: " + ex.message);
var longPause = gTrackMeNot.timeout * 10;
gTrackMeNot.log(”[WARN] No Connection: " + "trying again in " + longPause + “ms”);
gTrackMeNot.setStatus(“ERR”);
if (gTrackMeNot.enabled) {
gTrackMeNot.scheduleNextSearch(longPause);
}
}
}
prototype (d8f8c0) = [object Object]
[+] [leaked object] (19eba28) = [object Object]
[+] observe (19eba38,

What can be analyzed from this?

polonus

Yes D but TMN is now version 0.4.24 has this issue been addressed?

Hi tednelly,

Well have to run the new version longer with Leak Monitor installed to see for what occasions (objects/patterns) it leaks. It is nothing to be afraid of. It is more a thing for the developer, but from university coders you would expect them to write there closings right, and not to code “around in circles”. Flash nodes always leak, but that is inherent to that kind of stuff. In any case the coders should run it against a good garbage collector, and debug decently. These problems are also inherent to FF because of their extension policy, and whenever there are problems (the old NoScript, the old Adblock), someone of the browser coders get the bugs assigned, and have to look for a solution, the old coders may have gone ZZZZZZ a long time.
That is also why there comes in a policy to drop all the old code in open-source browsers and strip it down to secure coded code only in the long run.

polonus

Yeah you must always use latest version. All this NO leak/bug policy is rather new 8) Well actually TMN looks like one of the more documented and better maintained http://mrl.nyu.edu/~dhowe/trackmenot/ usually a good sign extension makers bother making a website expanding on the short intro at Add-on site.

If extension do not support Flock you cant blaim them for whatever problem in that browser. There is a difference between installation and no problems. Many fix not yet Firefox 2.0 compatible extensions with tools like Nightly Tester or edit max value for supported version in install.rdf. And voila, they now install but not same as if they work 100%. Most do though, probably also TMN.

Anyway, not all like TMN http://blog.air0day.com/2006/08/21/worst-security-tool-ever/

Thanks for the feed back guys much appreciated
very interesting read dk70 thanks. learn somthing new every day
http://img246.imageshack.us/img246/8399/thumbsup4kk.gif

Hi tednelly,

You can enfore all FF extensions in the latest builds of Flock, no sweat, next time you fire them up the Flock inbuilt carver makes you can use them. Only thing you have to enforce them again when Flock is updated (actually to-day).
There are also tools to port FF extension to have them “flocked”.
Yep, I agree that dk70 brought to us some insights we all profit from. So much the better,

polonus

lol D. I’m convinced you are a “Flock-a-holic” mate! onya!
Thanks again D. ;D

Yes, thanks Polonus, interesting to say the least. :slight_smile: