[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance

Subject: Re: [tor-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Mon, 29 Feb 2016 23:42:33 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 29 Feb 2016 18:42:45 -0500
In-reply-to: <047.b589d1c80a79d4dcd3294111da9cdbd1@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <047.b589d1c80a79d4dcd3294111da9cdbd1@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#18361: Issues with corporate censorship and mass surveillance
------------------------------------------+--------------------------
 Reporter:  ioerror                       |          Owner:  tbb-team
     Type:  enhancement                   |         Status:  new
 Priority:  High                          |      Milestone:
Component:  Tor Browser                   |        Version:
 Severity:  Critical                      |     Resolution:
 Keywords:  security, privacy, anonymity  |  Actual Points:
Parent ID:                                |         Points:
  Sponsor:                                |
------------------------------------------+--------------------------

Comment (by cypherpunks):

 Replying to [comment:182 jgrahamc]:
 > I'm not sure how you come up with the 5% number but I think you
 underestimate how complicated deciding what R/O is in the web. Plenty of
 attacks come through GET requests. Doing the R/O mode seems like a nasty
 hack.

 To me R/O would be delivering the cache that you have. The request would
 never see the actual website. This would also discourage adversaries that
 repeatedly pull websites to have an automated advantage at idk ticket
 sales as the cache does not have to be the most recent.

 I mean seriously. How hard can it be to deliver the cache instead of a
 captcha? I can't imagine that this takes one of your junior software
 engineers more than two hours to implement and then a day to deploy. But
 please give us better estimates, so we have an idea of what we are
 actually demanding here.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18361#comment:184>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance
Previous by thread: Re: [tor-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance
Next by thread: Re: [tor-bugs] #8120 [EFF-HTTPS Everywhere]: Local rulesets might be broken?
Index(es):
- Author
- Thread