[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] reproducible builds for Android tor daemon

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] reproducible builds for Android tor daemon
From: teor <teor@xxxxxxxxxx>
Date: Fri, 13 Sep 2019 14:19:14 +1000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 13 Sep 2019 00:19:32 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1568348358; bh=5xvkwBr7R8MsKg1qCMH+n0Yu1NLdf501Gn472oQK73A=; h=From:Date:Subject:References:In-Reply-To:To:From; b=eYxskDH0+vZZJt+hlCQBWT52lylKmi+lBcrukhN/pZ1N7dkKpzOQTaiJ18YMfFRjY /3cxPBqylVAucy6NqhUpCXb4UKCOleb86SxnX/YkyQ+4f0HHydjOlci2dC1GMlKgcN fxZAD/S9nxCbgFyqIkCRk/pqPFnxXgUw5UQn4lRM=
In-reply-to: <64667627-8ffe-f59e-8109-8258925a7845@guardianproject.info>
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <64667627-8ffe-f59e-8109-8258925a7845@guardianproject.info>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>

Hi,

> On 12 Sep 2019, at 20:50, Hans-Christoph Steiner <hans@xxxxxxxxxxxxxxxxxxxx> wrote:
> 
> Then that work
> will hopefully be extended into sharing tor between apps, e.g. letting
> Briar, Tor Browser, etc share the tor SOCKS proxy to other apps that
> want to use it. That would happen via Android mechanisms like Intents to
> manage the discovery of SOCKS ports.

It's not always safe to have apps share Tor: a malicious website in one app
can use various caches to discover activity in other apps. And there may
be similar data leaks in other shared data structures or network
connections.

How do these data leaks affect your use cases?

T
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Follow-Ups:
- Re: [tor-dev] reproducible builds for Android tor daemon
  - From: Hans-Christoph Steiner

References:
- [tor-dev] reproducible builds for Android tor daemon
  - From: Hans-Christoph Steiner

Prev by Author: Re: [tor-dev] Preferred compression type?
Next by Author: Re: [tor-dev] Optimistic SOCKS Data
Previous by thread: Re: [tor-dev] reproducible builds for Android tor daemon
Next by thread: Re: [tor-dev] reproducible builds for Android tor daemon
Index(es):
- Author
- Thread