JP Vossen on 20 Sep 2017 08:16:38 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[PLUG] OT: iTerm2 Leaks Everything You Hover in Your Terminal via DNS Requests

OT but lots of folks on the list use Macs.  (Bad, no bacon!)
Version 3.1.1 disables a feature that was added in iTerm 3.0.0 and was turned on by default. This feature is found under iTerm2's "Perform DNS lookups to check if URLs are valid?" setting.

Introduced in version 3.0.0, this feature would watch the user's mouse when hovering any content inside iTerm2's terminal. When the mouse would stop over a word, iTerm2 would attempt to determine if that word was a valid URL and highlight the term as a clickable link.

To avoid creating dead links by using inaccurate string pattern matching algorithms, the feature would make a DNS request instead, and determine if that domain actually existed.
According to the app's official website, iTerm2 3.0.0 was released on July 4, 2016, indicating that scores of users leaked sensitive content to DNS servers without their knowledge for more than a year.

--  -------------------------------------------------------------------
JP Vossen, CISSP | |
Philadelphia Linux Users Group         --
Announcements -
General Discussion  --