[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #10419 [Firefox Patch Issues]: Can requests to 127.0.0.1 be used to fingerprint the browser?
#10419: Can requests to 127.0.0.1 be used to fingerprint the browser?
-------------------------------------+-------------------------------------
Reporter: mikeperry | Owner: mikeperry
Type: task | Status: needs_review
Priority: major | Milestone:
Component: Firefox Patch | Version:
Issues | Keywords: tbb-fingerprinting,
Resolution: | tbb-pref, MikePerry201401R
Actual Points: | Parent ID:
Points: |
-------------------------------------+-------------------------------------
Comment (by cypherpunks):
1. This fix can't to prevent fingerprinting for environment where
Torbrowser used without proxy, like Transparent proxy or something.
2. Tor is not nanny to control what does Torbrowser and it depends
ClientRejectInternalAddresses option, yet it loudly yells to user because
it's bug to surf localhost over Tor.
If you want to deny localhost connection attempts then find way to deny it
actually without reinventing any security holes.
It especially fun with fix for #10682.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10419#comment:32>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs