[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Extend auto-IP-switching-time in TorBrowser (and depending from time of inactivity)



Ben Stover:
> As far as I know TorBrowser switches automatically every 10 minutes the node chain resp. the IP of the ExitNode.
> 
> Can I somehow extend this timeout time to another value e.g. 30 minutes?
> 
> Or (even better) can I let Tor auto-switch the IP and chain depending from the time of inactivity (.e.g when 15 minutes no
> web page is called)?

We had a long discussion about this in
https://trac.torproject.org/projects/tor/ticket/15482. Ultimately, a fix
was merged to Tor, but it did not cause Tor to update its circuit
discard timeout (the "dirtyness" timeout) upon stream detach.

I have also noticed worse behavior since Tor Browser switched from the patch I
wrote in
https://trac.torproject.org/projects/tor/attachment/ticket/15482/0001-Bug-15482-Don-t-abandon-circuits-that-are-still-in-u.patch
to the version in Tor today.

I also agree we should be more aggressive about keeping circuits in use.
I think we should go back to updating this timeout when streams are
closed, otherwise we risk the situation where HTTP KeepAlive keeps an
idle stream open for several minutes, and then when that stream closes,
it is more likely that a new stream will go on a separate circuit
because the timeout expired while the stream was open but idle.

This situation will only get worse if/when we enable HTTP 2. 

I have noticed websites switching language on me mid-use as a result.
This is extremely bad for usability, and makes no sense for privacy on
the web, since web sessions contain plenty of identifying information
when they resume, regardless of what circuit they use. In my
not-so-humble opinion here, the Tor network usage should match Tor
Browser's identifier protections exactly. Any mismatch is just bad
usability for no privacy gain...


-- 
Mike Perry

Attachment: signature.asc
Description: Digital signature

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk