[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #16617 [Tor Browser]: Potential security hole du to cache policy

Subject: Re: [tor-bugs] #16617 [Tor Browser]: Potential security hole du to cache policy
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Tue, 21 Jul 2015 17:56:24 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 21 Jul 2015 13:56:40 -0400
In-reply-to: <045.df862c31e2f3023b393ba41f9be874d5@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <045.df862c31e2f3023b393ba41f9be874d5@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#16617: Potential security hole du to cache policy
-----------------------------+-------------------------------
     Reporter:  gojul        |      Owner:  tbb-team
         Type:  defect       |     Status:  needs_information
     Priority:  normal       |  Milestone:
    Component:  Tor Browser  |    Version:
   Resolution:               |   Keywords:
Actual Points:               |  Parent ID:
       Points:               |
-----------------------------+-------------------------------

Comment (by gk):

 Replying to [comment:2 gojul]:
 > By looking at the content of the files (there can be HTML and so on) and
 deducing which websites were actually visited.

 Who is looking and where? Note that Tor Browser is not defending against
 an attacker who has access to your computer. Moreover, Tor Browser is
 disabling the on disk cache. How should the attack work you have in mind?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16617#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #16617 [Tor Browser]: Potential security hole du to cache policy
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #16551 [GetTor]: Improve Latests TBB Format to be easily parsable
Next by Author: Re: [tor-bugs] #16631 [Tor]: Potential memory leaks in thread pool code
Previous by thread: Re: [tor-bugs] #16617 [Tor Browser]: Potential security hole du to cache policy
Next by thread: Re: [tor-bugs] #16344 [Service - lists]: Anomalous tor-reports@ subscription requests
Index(es):
- Author
- Thread