[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #5761 [TorBrowserButton]: Decide if it's safe to pass the Dooble around the Tor Community
#5761: Decide if it's safe to pass the Dooble around the Tor Community
---------------------------------+------------------------------------------
Reporter: mike123 | Owner: mike123
Type: enhancement | Status: reopened
Priority: normal | Milestone:
Component: TorBrowserButton | Version:
Resolution: | Keywords:
Parent: | Points:
Actualpoints: |
---------------------------------+------------------------------------------
Comment(by mike123):
cool, this man is an excellent expert.
from reading it, very deep looking into doobles code and knowing of what
is spoken.
I though think that the question, if a passpharase is secure enough to
encrypt cookies, is a little bit too detailed, as dooble is the only
browser worldwide, which has a tresor and safe. If the users wants to wash
out cookies or history data, there is an auto function to do that, or just
use the non-auth session, which is like a portable usb stick version.
here is what the developer answers:
It is not practical for Dooble to question the validity of all of the
libraries that it uses. My approach is to report errors and proceed in
some predictable fashion. There are known issues with Qt, with Qt on X11,
with Qt on OS X, etc. Dooble uses the libraries as best as it can.
Questioning every dependency requires a level of paranoia that Dooble is
not comfortable with.
"I expect any function which claims to encrypt data to either output a
ciphertext or report an error. No program should ever silently use
plaintext as if it were ciphertext, even if an error occurs while trying
to encrypt a message."
The method is required to return a buffer of bytes. If it fails
internally, it reports the error and returns the original buffer. Its
failure is deemed acceptable. Dooble's intent is to provide a crisp
browsing experience. It does so by tolerating some mishaps. An assortment
of operations would need to be placed in atomic transactions if the method
is modified to return an empty buffer or some other value. Since the
method is used for recording information to databases, its failure is
completely acceptable.
Impressive critique.
"
And I think this is just the point on the i, what you found out, but
dooble is of course usable to browse over tor and to easily destroy the
cookies on the usb stick or the desktop installation. or, if one bookmark
should be kept, this can be done in a tresor, no other browser has
encrypted bookmarks, this is awesome, and I think tor customers and dooble
intents meet in a perfect match of requirements.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5761#comment:28>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs