Anonymity is critical for the sanctity of the internet and, as it turns out, it could be endangered by Microsoft, thereby putting Windows users at severe risk. It has been discovered that Windows users running the Tor browser can unwittingly reveal their masked identities. This is achieved by exploiting a relatively simple loophole enabled by Microsoft’s own DRM system.
The credit for discovering this potentially damning security hole goes to the UK-based security outfit Hacker House. The researchers at the company found the critical flaw while explicitly probing DRM-protected content for security loopholes. The security gaffe can be exploited with a straightforward example of social engineering, where unwitting users are lured into clicking on media files, which happen to be in Microsoft’s proprietary media format WMV.
This exploit works because the Microsoft DRM embedded in WMV files needs to fetch its licence key from a designated media server. Normally, this process raises a warning dialogue box if the licence isn’t signed properly. The situation is different, however, when the licence has been properly signed through Microsoft’s own licensing system. The researcher explains how “this warning DOES NOT appear if the DRM license has been signed correctly and the Digital Signature Object, Content Encryption Object and Extended Content Encryption Object contain the appropriate cryptographic signing performed by an authorised Microsoft License Server profile”.
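As an added illustration (not code from Hacker House or the original article), the Python below walks a WMV/ASF header and reports which of the three DRM objects named in the quote are present, along with the licence URL stored in the Content Encryption Object, so a file can be triaged without opening it in a player. The GUIDs and field layout are taken from Microsoft's ASF specification rather than from the article; the sample header and its URL are constructed.

```python
import struct
import uuid

# Object GUIDs as published in the ASF specification (not given in the article).
HEADER = uuid.UUID("75B22630-668E-11CF-A6D9-00AA0062CE6C")
CONTENT_ENC = uuid.UUID("2211B3FB-BD23-11D2-B4B7-00A0C955FC6E")
DRM_OBJECTS = {
    CONTENT_ENC: "Content Encryption Object",
    uuid.UUID("298AE614-2622-4C17-B935-DAE07EE9289C"): "Extended Content Encryption Object",
    uuid.UUID("2211B3FC-BD23-11D2-B4B7-00A0C955FC6E"): "Digital Signature Object",
}

def license_url(body):
    """Content Encryption Object body: four length-prefixed fields, URL last."""
    pos, field = 0, b""
    for _ in range(4):  # secret data, protection type, key ID, licence URL
        if pos + 4 > len(body):
            return None  # truncated before the next length prefix
        (n,) = struct.unpack_from("<I", body, pos)
        field, pos = body[pos + 4 : pos + 4 + n], pos + 4 + n
        if pos > len(body):
            return None  # declared length runs past the object
    return field.rstrip(b"\0").decode("ascii", "replace")

def scan_asf_header(data):
    """Return [(object name, licence URL or None)] for DRM objects in the header."""
    if len(data) < 30 or uuid.UUID(bytes_le=data[:16]) != HEADER:
        raise ValueError("not an ASF/WMV file")
    end = min(struct.unpack_from("<Q", data, 16)[0], len(data))
    pos, found = 30, []  # 30 = GUID + size + object count + 2 reserved bytes
    while pos + 24 <= end:
        guid = uuid.UUID(bytes_le=data[pos : pos + 16])
        (size,) = struct.unpack_from("<Q", data, pos + 16)
        if size < 24 or pos + size > end:
            break  # malformed size: stop rather than walk off the header
        if guid in DRM_OBJECTS:
            body = data[pos + 24 : pos + size]
            url = license_url(body) if guid == CONTENT_ENC else None
            found.append((DRM_OBJECTS[guid], url))
        pos += size
    return found

# Constructed sample: a header holding one Content Encryption Object.
_parts = (b"\0" * 4, b"DRM\0", b"kid\0", b"http://license.example/get\0")
_fields = b"".join(struct.pack("<I", len(p)) + p for p in _parts)
_obj = CONTENT_ENC.bytes_le + struct.pack("<Q", 24 + len(_fields)) + _fields
SAMPLE = HEADER.bytes_le + struct.pack("<QIBB", 30 + len(_obj), 1, 1, 2) + _obj

if __name__ == "__main__":
    print(scan_asf_header(SAMPLE))
```

A non-empty result means the file will try to contact a licence server when played; the scan only reads the header and does not validate any signature.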
Clicking on the WMV files can, at the very least, reveal the users’ real IP address. This is devastating, considering how Tor browsers are expressly used to anonymise user identity and prevent anyone from tracing and identifying the source. While the prohibitively high cost ($10,000) of obtaining a DRM licence from Microsoft might appear to keep hackers at bay, some hackers have managed to generate digitally signed and booby-trapped content without paying the licensing fee. Needless to say, if you happen to use the Tor browser for anonymity, you might want to avoid clicking on media files, especially those in Microsoft’s WMV format. [Source: The Register]