[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #21863 [Applications/Tor Browser]: Ensure proxy safety on Android

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #21863 [Applications/Tor Browser]: Ensure proxy safety on Android
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Tue, 10 Jul 2018 19:05:35 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 10 Jul 2018 15:05:46 -0400
In-reply-to: <042.60e0868b950b9504af541e43cc670848@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <042.60e0868b950b9504af541e43cc670848@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#21863: Ensure proxy safety on Android
-------------------------------------------------+-------------------------
 Reporter:  gk                                   |          Owner:  sysrqb
     Type:  defect                               |         Status:
                                                 |  accepted
 Priority:  Very High                            |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tbb-mobile, tbb-7.0-must, tbb-       |  Actual Points:
  proxy-bypass, TorBrowserTeam201807             |
Parent ID:  #26531                               |         Points:
 Reviewer:                                       |        Sponsor:
                                                 |  Sponsor4
-------------------------------------------------+-------------------------

Comment (by toproxy):

 Tor browser for Android compiled from esr60.1 branch in
 [https://git.torproject.org/user/sysrqb/tor-browser.git sysrqb's Tor
 browser repository] is leaking domains of visited websites. Orfox has the
 same proxy config values as TBA but Orfox does not leak DNS. So I've
 decided to test Firefox 52 and found that Firefox 52 leaks DNS just like
 TBA based on esr60. Were not all Orfox patches added to TBA?


 It appears that this proxy-bypass happens after websites are completely
 loaded. And another thing to note is DNS requests for resources within
 websites are not leaked but that's not always the case.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21863#comment:29>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #26713 [Core Tor/Tor]: relays should explicitly dirty their descriptors on entering/exiting hibernation, rather than implicitly doing it by triggering a bandwidth change
Next by Author: Re: [tor-bugs] #25164 [Applications/Tor Browser]: Reproducible Tor Browser for Android builds
Previous by thread: Re: [tor-bugs] #21863 [Applications/Tor Browser]: Ensure proxy safety on Android
Next by thread: Re: [tor-bugs] #21863 [Applications/Tor Browser]: Ensure proxy safety on Android
Index(es):
- Author
- Thread