[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser Bundle IP Leak
#25737: Tor Browser Bundle IP Leak
------------------------------------------+----------------------
Reporter: cypherpunks | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
------------------------------------------+----------------------
I am on macOS, and my current setup involves an isolation proxy, custom pf
rules, an application firewall and the tor browser bundle (7.5.3).
The firefox process has only localhost access to the tor.real process.
The tor.real process has only localhost access to the obf4proxy process.
The obfs4proxy process can only access the remote IP/port tuple.
I modified the tbb-torrc adding `UseBridges 1`.
During the latest (vidalia) startup, my application firewall warned me
that a process named `xpcproxy` was attempting to directly connect to
`82.195.75.101/443tcp`.
Since a reverse dns lookup resolves to `listera.torproject.org`, I believe
this to be non malicious, but I'd count the behaviour as a potential IP
leak.
Firefox should wait for the tor process to be ready and spawn the call
over a tor circuit; if not, a malicious ISP (eg) has the potential to
enumerate users.
I denied the access and restarted the browser, but have not been able to
reproduce yet. So this is possibly a race condition between firefox and
vidalia, because of this I am unsure if this should be a tor browser or a
tor launcher ticket.
How can I inspect this?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25737>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs
- Follow-Ups:
- Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy?
- From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy?
- From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy?
- From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy?
- From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy?
- From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy?
- From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy?
- From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy?
- From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy?
- From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy?
- From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy?
- From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy?
- From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser Bundle IP Leak
- From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser Bundle IP Leak
- From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy?
- From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy? (was: Tor Browser Bundle IP Leak)
- From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy?
- From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy?
- From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy?
- From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy?
- From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser Bundle IP Leak
- From: Tor Bug Tracker & Wiki