[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #21304 [Obfuscation/Snowflake]: Sanitize snowflake.log

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #21304 [Obfuscation/Snowflake]: Sanitize snowflake.log
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Thu, 21 Mar 2019 15:25:41 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 21 Mar 2019 11:25:52 -0400
In-reply-to: <047.00adb49c5705b3705096756073867e46@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <047.00adb49c5705b3705096756073867e46@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#21304: Sanitize snowflake.log
-----------------------------------+------------------------------
 Reporter:  arlolra                |          Owner:  cohosh
     Type:  defect                 |         Status:  needs_review
 Priority:  Medium                 |      Milestone:
Component:  Obfuscation/Snowflake  |        Version:
 Severity:  Normal                 |     Resolution:
 Keywords:  starter                |  Actual Points:
Parent ID:                         |         Points:  1
 Reviewer:                         |        Sponsor:
-----------------------------------+------------------------------
Changes (by cohosh):

 * status:  assigned => needs_review


Comment:

 Made some changes to the scrubber and added it to the other go components
 (proxy-go, broker, client). The candidate is here:
 https://github.com/cohosh/snowflake/compare/ticket21304

 One of the problems I can forsee with the current code is that I had to
 introduce a hack to make the scrubber leave fingerprints alone. This is
 based off the assumption that logged IPv6 addresses are enclosed in
 {{{[,]}}} brackets. As far as I can tell, this seems to be the case but it
 makes me a bit uncomfortable.

 What are our feelings about scrubbing fingerprints from logs as well? Is
 it necessary? The one in particular I'm looking at is the received answer
 in the client log:
 {{{
 a=ice-options:trickle
 a=fingerprint:sha-256
 8D:CE:FE:08:F1:AC:32:30:88:D1:B4:1A:34:84:19:C2:43:18:4A:57:A9:20:2F:DC:C2:32:01:38:F9:8B:E5:8C
 a=setup:active
 a=mid:data
 }}}

 If we don't need the fingerprint, I'd prefer to "over scrub" instead of
 potentially leaking info if the IPv6 logging violates the above
 assumption.

 I did a cursory glance at the sanitized logs and there are no obvious
 privacy-related leaks at the moment.

 Putting this in needs_review because, while there are other logging
 changes that could be made, most are concerned with the verbosity of the
 output which is a separate issue.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21304#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #29662 [Core Tor/Tor]: Introduce assert functions that allow us to printf error message
Next by Author: Re: [tor-bugs] #28203 [Core Tor/Chutney]: Make chutney log the bootstrap progress for each node
Previous by thread: Re: [tor-bugs] #21304 [Obfuscation/Snowflake]: Sanitize snowflake.log
Next by thread: Re: [tor-bugs] #21304 [Obfuscation/Snowflake]: Sanitize snowflake.log
Index(es):
- Author
- Thread