[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Firefox IPv6 Anonymity bypass

Thus spake Nick 'Zaf' Clifford (zaf@xxxxxxxxx):

> Hey ya,
> Just noticed one small problem with Tor + Firefox + IPv6.
> I'm aware that Tor doesn't yet support IPv6, but I found an interesting
> development with respect to a system that has IPv6 configured and working.
> If you are using Tor (and have Firefox configured to use the HTTP
> proxy), Firefox will not use the proxy for IPv6 traffic. This means that
> if you visit a website using Tor, and it has a img, href, etc to a ipv6
> hostname, Firefox will happily connect with your native IPv6 connection
> (bypassing Tor).
> The work around for this is to disable Ipv6 (about:config,
> network.dns.disableIPv6 = true)

Nice. Thanks for reporting this, I will add it to the next reelease of
the dev torbutton. 

One thing concerns me though: Since this setting is under network.dns,
does this mean it disables using IPv6 only for DNS replies? Did you
verify this actually works to block numerical IPv6 links as well?

Mike Perry
Mad Computer Scientist
fscked.org evil labs

Attachment: pgpvzstx8lWHO.pgp
Description: PGP signature