Anthony Martin on 20 Sep 2017 08:43:36 -0700



Re: [PLUG] OT: iTerm2 Leaks Everything You Hover in Your Terminal via DNS Requests


For the record, I only use a Mac for work because I got tired of having to call our ops center every time I was having an issue with my work VPN, and when they found out I was on a Linux system they would ask who the Linux support was...

Thanks for this info though JP.

Anthony Martin

Linux System Administrator


On Wed, Sep 20, 2017 at 11:16 AM, JP Vossen <jp@jpsdomain.org> wrote:
OT but lots of folks on the list use Macs.  (Bad, no bacon!)

https://www.bleepingcomputer.com/news/security/iterm2-leaks-everything-you-hover-in-your-terminal-via-dns-requests/
...
Version 3.1.1 disables a feature that was added in iTerm 3.0.0 and was turned on by default. This feature is found under iTerm2's "Perform DNS lookups to check if URLs are valid?" setting.

Introduced in version 3.0.0, this feature would watch the user's mouse when hovering any content inside iTerm2's terminal. When the mouse would stop over a word, iTerm2 would attempt to determine if that word was a valid URL and highlight the term as a clickable link.

To avoid creating dead links by using inaccurate string pattern matching algorithms, the feature would make a DNS request instead, and determine if that domain actually existed.
...
According to the app's official website, iTerm2 3.0.0 was released on July 4, 2016, indicating that scores of users leaked sensitive content to DNS servers without their knowledge for more than a year.
...

Later,
JP
--  -------------------------------------------------------------------
JP Vossen, CISSP | http://www.jpsdomain.org/ | http://bashcookbook.com/
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
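
The lookup-based URL check described in the quoted article, as an added example that is not part of the original thread and is not iTerm2's code: a simplified model in which every hovered word is handed to a resolver, next to a syntax-only check that never touches the network. The sample words, the recording resolver and all function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# One DNS label: letters, digits, hyphens; no leading/trailing hyphen; 1-63 chars.
LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")

# Constructed sample of words a user might hover over in a terminal.
HOVERED = [
    "hunter2-prod-db-password",      # constructed secret-looking string
    "tok-CONSTRUCTED-0000",          # constructed token
    "build01.corp.internal",         # constructed internal hostname
    "https://www.phillylinux.org/",  # an actual URL from this page
]

def dns_based_check(word, resolve):
    """Model of the lookup approach: the hovered word itself becomes the query name."""
    return resolve(word)

def offline_check(word):
    """Syntax-only check: explicit http(s) scheme plus a well-formed dotted hostname."""
    try:
        parts = urlsplit(word)
        host = parts.hostname
    except ValueError:          # e.g. malformed bracketed host
        return False
    if parts.scheme not in ("http", "https") or not host:
        return False
    labels = host.split(".")
    return len(labels) >= 2 and all(LABEL.match(label) for label in labels)

def audit(words):
    """Return (names that left the machine under the lookup approach,
    words the offline check would highlight as links)."""
    sent = []

    def recording_resolver(name):
        sent.append(name)       # stand-in for a real DNS query; nothing is sent
        return False

    for w in words:
        dns_based_check(w, recording_resolver)
    linkable = [w for w in words if offline_check(w)]
    return sent, linkable

if __name__ == "__main__":
    sent, linkable = audit(HOVERED)
    print("sent to resolver:", sent)
    print("linkified offline:", linkable)
```

The offline check can still highlight a link whose domain does not exist, which is the trade-off the article says the DNS lookup was meant to avoid.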