[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Google's Chrome Web Browser and Tor

On Fri, Sep 5, 2008 at 10:08 AM, Nick Mathewson <nickm@xxxxxxxxxxxxx> wrote:
> On Thu, Sep 04, 2008 at 03:20:34PM -0700, Kyle Williams wrote:
> > Hi all,
> >
> > I've been playing around with Google's new web browser and Tor.  I thought
> > it might be good to share my findings with everyone.
> > After reading Google's privacy policy[1], I for one would not want to use
> > this on a regular basis, if at all.
> >
> > The first bug I tried was an old one I found with Firefox; the NEWS:// URI
> > type.
> > Any link that has a NEWS:// URI will launch Outlook Express and attempt to
> > contact the server in the URL...without using Tor.
> >
> > The second bug I found resulted in local file/folder disclosure.
> > This is very similar to the one I found in Internet Explorer.
> >
> > The third bug I found was with MIME-TYPEs, specifically Windows Media Player
> > supported formats.
> > The BANNER tag can also leak your IP address when the playlist is loaded
> > *IF* WMP is not set to use a proxy.
> > Also, a playlist in WMP can specify protocols that use UDP, hence, no proxy
> > support...no Tor.
> >
> >
> > On the flip-side, it is very cool how each browser tab is it's own process,
> > making several types of attacks much more difficult.
> > However, with an invasive privacy policy, local proxy bypassing, and local
> > files/folders able to be read from your hard drive, I've decided not to use
> > this browser.
> >
> > It just doesn't feel privacy/anonymity friendly to me.
> > Anyone else want to chime in on this?
> I dig what I've heard of the Chrome architecture, but it seems clear
> that, like every other consumer browser, it's not suitable for
> anonymous browsing out-of-the-box.  The real question will be how easy
> it is to adapt it to be safe.  Torbutton, for instance, has proven to
> take some pretty extreme hackery to try to shut down all of Firefox's
> interesting leaks.  If it turned out to be (say) an order of magnitude
> easier to extend Chrome to be anonymity-friendly, that would be pretty
> awesome.  We'll see, I guess.
> Has anybody looked into Chrome's extension mechanisms?  It would be
> neat to know how hard it would be to address the information leaks
> addressed in, say, https://www.torproject.org/torbutton/design/ .

Is there a particular reason Torbutton or the like isn't just hard
coded into Firefox? Or any reason not to for Chrome?

> yrs,
> --
> Nick


Calendar (usually up to date):