[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Does tor still leak memory?



On Fri, Sep 09, 2005 at 10:16:06AM -0500, Arrakis Tor wrote:
> This happens when I am surfing outside the Tor network on my tor
> server. I go to some host name that is definitely there, and instead i
> get back dirport output.
>
> On 9/9/05, Roger Dingledine <arma@xxxxxxx> wrote:
> > My guess is that some Tor server out there has a broken DNS resolver,
> > and it's tricking you into getting a different page than you intended.
> > (If only the Internet had ubiquitous dnssec and https...)
> > 
> > If you can narrow down which server it is, we can take some steps to
> > fix it.

Ah ha.

I believe the misbehaving DNS resolver is yours. :)

I've observed that some Windows machines have weird behavior where
sometimes they return 127.0.0.1 when they don't have a better answer.

This is a problem when those nodes run as exit nodes, since then you get
their local web site, whatever it is. In your case you aren't using Tor
at all for your browsing, but you're seeing the same effect.

Does this sound plausible? Can you track down whether your computer
really did get told to go try the website at 127.0.0.1?

I'd love to know more details here, since this has been a question
for a while.

> Another concern... is it possible for someone to spoof places I am
> logged in at if I allow myself as an exit node?

"Maybe." If the website keeps track of who you are with certificates,
as it should, then no. If it keeps track with cookies, then also no.
But if it keeps track of who you are by your IP address, then this may
be possible.

But note that very few websites do this, because there are many situations
besides Tor where a single IP "is" many people. Corporate firewalls,
DHCP users, and AOL users come to mind. So if you find a website that
does, you should already be suspicious of its security.

Hope this helps,
--Roger