[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #11096 [Applications/Tor Browser]: Randomize MAC address before start of Tor

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #11096 [Applications/Tor Browser]: Randomize MAC address before start of Tor
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Wed, 25 Oct 2017 05:55:25 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 25 Oct 2017 01:55:37 -0400
In-reply-to: <049.028d39fb627704ac8395b1cf46cb3130@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <049.028d39fb627704ac8395b1cf46cb3130@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#11096: Randomize MAC address before start of Tor
--------------------------------------+--------------------------
 Reporter:  csoghoian                 |          Owner:  tbb-team
     Type:  enhancement               |         Status:  assigned
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  tbb-security              |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------

Comment (by cypherpunks):

 Replying to [comment:5 bugzilla]:
 > Meaningful part of this ticket is
 > > TBB exploits
 > So, propose renaming it to something like "Investigate methods of
 hardening of Firefox to prevent MAC stealing".
 This is not too difficult. A MAC address is obtained by using either an
 IOCTL (SIOCGIFHWADDR), or the NETLINK protocol (AF_NETLINK). Just blocking
 those syscalls when that argument is used should be sufficient, assuming
 other more obvious issues like arbitrary filesystem access or the ability
 to bypass Tor to phone home is mitigated.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11096#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #24070 [Metrics/Bot]: Generate an event if more than X relays join
Next by Author: [tor-bugs] #23811 [Applications/Tor Browser]: Investigate MinGW commit for create_locale thing
Previous by thread: Re: [tor-bugs] #13873 [Applications/Tor Browser]: hard lock tails/torbrowser
Next by thread: [tor-bugs] #23980 [Core Tor/Tor]: Provide torrc option to kill hidden service circuits after $TIMEOUT
Index(es):
- Author
- Thread