Some background, I was a hacker for 15 years and survived some heinous shit including attempts of doxing by class enemies and actually being hunted by feds. But one of the techniques keeps coming back from the death all those decades is Electron web app framework HTTP leak. It’s a very simple 0day but niche to the point that Electron devs somehow can’t patch it. What this HTTP leak attack does is it allow traffic from an app client to be traced as soon as the attacker made contact with the client network server. Electron leaks both private and public IP addresses of user. You can demonstrate this yourself with just a reddit app and chat function, and tracert. It’s a trivia bug but if you have heard of things like Xbox, psn or steam resolver, it’s basically just Electron HTTP leak attack. And it costs actual thousands of human lives in both global south, and in US especially the Andrew Finch murder in Wichita because the doxer used resolver. And that’s a thing, once you get the IP, you can locate the target’s ISP narrowing down the subnet of it. But because Palestine subnet is significantly smaller than US, Zionist and American intelligence can just increase accuracy through host discovery or ping scanning to correlate all connected targets in the same network pinpoint exact device Electron leaking. Please consider this in your opsec.
This doesn’t make any sense. Electron is used for desktop apps, not mobile apps. The Andrew Finch shit, you’re just making up. Then the “explanation” is not an explanation at all. What is even “steam resolver”? What do “Xbox”, “PSN” have to do with Electron? What does tracert have to do with it? If it’s so simple why hasn’t it been published yet as a CVE entry?
Again this doesn’t make any sense. The IP comes with the subnet, and why would need to know the ISP?
And finally, why would they need to do this in the first place if they already own everything and can effectively surveil all traffic?