[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Disabled Torbirdy itself Leaks DNS

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-talk] Disabled Torbirdy itself Leaks DNS
From: Bry8 Star <bry8star@xxxxxxxxx>
Date: Fri, 15 Mar 2013 03:15:49 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 15 Mar 2013 06:16:37 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1363342586; bh=eAdpoi4MESXsPtckmY/gYtWxwhDIZfYVNJbmSGyCKXQ=; h=X-Yahoo-Newman-Id:X-Yahoo-Newman-Property:X-YMail-OSG:X-Yahoo-SMTP:X-Rocket-Received:Message-ID:Date:From:Reply-To:User-Agent:MIME-Version:To:Subject:X-Enigmail-Version:Content-Type; b=NN3ERuGiF/bSI2Hj6FGfBlH4/UALKVl6CNnz9T2Bpi/ZQjSVkzZ6x6Smac7Z/k1JAyWA2o3GjA018Z0PC/XD1mBVjT8WlBSA7M/DsjHBsFEjedUTi0o5Um+9DIB/sXI8NZUm1kTG1bEayzUwVxe6bg4uzQskYvGJMDFuPLgIq3c=
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (Windows NT 5.1; rv:17.0) Gecko/20130215 Thunderbird/17.0.3

Hi,
when i setup socks5 proxy (without torbirdy plugin) in Thunderbird,
then these config options are set:

network.proxy.socks="127.0.0.1"
network.proxy.socks_port="9050"
network.proxy.type="1"
network.proxy.socks_version="5"
network.proxy.socks_remote_dns=true

and i also manually set few other config params/options, that are
related to make this specific thunderbird anonymous friendly.

with those thunderbird works fine.

And, after installing Torbirdy plugin, those options remains same.

But when i disabled Torbirdy, then:
except for below config option, all remain same:
network.proxy.socks_remote_dns=false

And because of this, Thunderbird starts to use local DNS resolver on
user's local computer, instead of using remote dns via Socks5 proxy !

Thus, a disabled Torbirdy itself is cause of DNS leaks.

Luckily i have firewall in place, which previously pre-set to
not-allow any traffic from Thunderbird toward any where else, only
connection allowed for Thunderbird, is toward the ip address
127.0.0.1 on port 9050. (And on windows boxes, i needed to allow
local(127.0.0.1) loop connection for Thunderbird itself).

And firewall is also configured to WARN me if Thunderbird (or any
Torified app) tries to use anything other than what was mentioned in
above paragraph. So i was able to view these DNS leak attempts.

So when Torbirdy plugin is disabled, then it should not change that
config option to "false", it should keep it to "true" if user
previously was using socks5 proxy by specifying it manually.

Torbirdy should be able to use a file or technique, which will allow
it to remember what params/options & values were used before, so
when disabled it should revert back only those specific settings
which it changed, not to what it thinks it should be.

So pls create bug-report or please take steps to solve such problem(s).

Thank you,
-- Bright Star.

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Disabled Torbirdy itself Leaks DNS
  - From: Bry8 Star

Prev by Author: Re: [tor-talk] Can OpenVPN servers be run as Tor hidden services?
Next by Author: [tor-talk] Does TorProject Delay eMail Postings ?
Previous by thread: Re: [tor-talk] How to obfuscate the Tor Browser activity from the Time/Size correlation attack?
Next by thread: Re: [tor-talk] Disabled Torbirdy itself Leaks DNS
Index(es):
- Author
- Thread