[tor-bugs] #20555 [Core Tor/Tor]: stream isolation for DNS and hidden service descriptor cache



#20555: stream isolation for DNS and hidden service descriptor cache
------------------------------+-----------------
     Reporter:  adrelanos     |      Owner:
         Type:  defect        |     Status:  new
     Priority:  Medium        |  Milestone:
    Component:  Core Tor/Tor  |    Version:
     Severity:  Normal        |   Keywords:
Actual Points:                |  Parent ID:
       Points:                |   Reviewer:
      Sponsor:                |
------------------------------+-----------------
 Seems like Tor's DNS cache ({{{CacheIPv4DNS}}}, {{{CacheIPv6DNS}}}) and
 caching of hidden service descriptors is cached globally.

 The first connection in stream one resolves all DNS or hidden service
 descriptors. But follow-up connections in separate streams to the same
 website do not resolve and use Tor's cache.

 So webservers could provide a slightly unique version of their website per
 visitor. Each visitor's browser could be instructed to load additional
 content from varying hostnames. Due to caching vs non-caching it might be
 possible to make visitors pseudonymous rather than anonymous.

 The problem is that Tor's cache is global and not stream isolated.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20555>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs
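
A toy model of the behaviour the ticket describes, added here as an illustration and not taken from Tor's source or from the reporter: a resolver cache keyed by hostname alone, next to one keyed by (isolation key, hostname). The class, the isolation-key strings, the hostnames and the stand-in lookup are all constructed for this example.

```python
"""Toy model of a client-side resolver cache (added example, not Tor's code)."""
import ipaddress


class ResolverCache:
    def __init__(self, isolated, ttl=60):
        self.isolated = isolated      # True: partition entries per isolation key
        self.ttl = ttl                # seconds an entry stays valid
        self.entries = {}             # cache key -> (address, expiry time)
        self.upstream = []            # (isolation_key, hostname) lookups sent out

    def _key(self, isolation_key, hostname):
        # A global cache ignores which stream asked; an isolated one does not.
        return (isolation_key if self.isolated else None, hostname.lower())

    def resolve(self, isolation_key, hostname, now):
        """Return (address, served_from_cache)."""
        key = self._key(isolation_key, hostname)
        hit = self.entries.get(key)
        if hit and hit[1] > now:
            return hit[0], True
        # Constructed stand-in for a real lookup: an address in 192.0.2.0/24.
        offset = sum(hostname.encode()) % 254 + 1
        addr = str(ipaddress.IPv4Address("192.0.2.0") + offset)
        self.upstream.append((isolation_key, hostname))
        self.entries[key] = (addr, now + self.ttl)
        return addr, False


def shared_state(cache, first, second, now=0):
    """Names that stream `second` was served from entries left by `first`."""
    for host in first[1]:
        cache.resolve(first[0], host, now)
    return sorted(h for h in second[1]
                  if cache.resolve(second[0], h, now + 1)[1])


# Constructed sample: two streams with different (hypothetical) isolation keys
# and partly overlapping hostnames.
STREAM_A = ("socks-user-a", ["cdn1.example.invalid", "cdn2.example.invalid"])
STREAM_B = ("socks-user-b", ["cdn2.example.invalid", "cdn3.example.invalid"])

if __name__ == "__main__":
    print("global  :", shared_state(ResolverCache(False), STREAM_A, STREAM_B))
    print("isolated:", shared_state(ResolverCache(True), STREAM_A, STREAM_B))
```

With the partitioned key, the second stream pays for its own lookup of every name (four upstream lookups instead of three in this sample), which is the cost of not sharing cache state across streams.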