Re: Google's Chrome Web Browser and Tor
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: Google's Chrome Web Browser and Tor
- From: 7v5w7go9ub0o <7v5w7go9ub0o@xxxxxxxxx>
- Date: Fri, 05 Sep 2008 12:06:34 -0400
Nick Mathewson wrote:
On Thu, Sep 04, 2008 at 03:20:34PM -0700, Kyle Williams wrote:
I've been playing around with Google's new web browser and Tor. I thought
it might be good to share my findings with everyone.
this on a regular basis, if at all.
The first bug I tried was an old one I found with Firefox; the NEWS:// URI
Any link that has a NEWS:// URI will launch Outlook Express and attempt to
contact the server in the URL...without using Tor.
The second bug I found resulted in local file/folder disclosure.
This is very similar to the one I found in Internet Explorer.
The third bug I found was with MIME-TYPEs, specifically Windows Media Player
The BANNER tag can also leak your IP address when the playlist is loaded
*IF* WMP is not set to use a proxy.
Also, a playlist in WMP can specify protocols that use UDP, hence, no proxy
On the flip-side, it is very cool how each browser tab is its own process,
making several types of attacks much more difficult.
files/folders able to be read from your hard drive, I've decided not to use
It just doesn't feel privacy/anonymity friendly to me.
Anyone else want to chime in on this?
I dig what I've heard of the Chrome architecture, but it seems clear
that, like every other consumer browser, it's not suitable for
anonymous browsing out-of-the-box. The real question will be how easy
it is to adapt it to be safe. Torbutton, for instance, has proven to
take some pretty extreme hackery to try to shut down all of Firefox's
interesting leaks. If it turned out to be (say) an order of magnitude
easier to extend Chrome to be anonymity-friendly, that would be pretty
awesome. We'll see, I guess.
Has anybody looked into Chrome's extension mechanisms? It would be
neat to know how hard it would be to address the information leaks
addressed in, say, https://www.torproject.org/torbutton/design/ .
ISTM this thing is more a web 2.0 portal than a browser; it is conceived
and designed first and foremost to make user access of Google online
services smooth, slick, (and advertisement laden). Its secondary
function as a good browser simply allows most users to have only one
Given it is OpenBSD Open source, if it proves to be a good design
(interesting for sure) with potential to become a good privacy browser,
and proves to have the very-quick JS engine that some claim, it might be
"forked" at some point.
The first thing the sibling would hopefully do is remove the "unique
application number" business (see below); the second would be all
phone-home features (see below).
Even if it doesn't become officially forked, if it becomes a good
package (say, 6 months from now after intense support and development),
there will likely be patch files and/or "enthusiast" versions available.
Certainly Linux/TOR users will "repair" the userid business before
compiling it (or with a hex editor), and firewall-off any connection
with home base.
Thankfully, Opera with plugins removed is already an extremely quick,
lightweight, secure, general-purpose TOR and non-TOR browser; Firefox
with extensions well-addresses "expanded features", so dual-browser
users can comfortably wait for Chrome to mature.
"When you type URLs or queries in the address bar, the letters you type
are sent to Google so the Suggest feature can automatically recommend
terms or URLs you may be looking for. If you choose to share usage
statistics with Google and you accept a suggested query or URL, Google
Chrome will send that information to Google as well. You can disable
this feature as explained here.
If you navigate to a URL that does not exist, Google Chrome may send the
URL to Google so we can help you find the URL you were looking for. You
can disable this feature as explained here.
Google Chrome's SafeBrowsing feature periodically contacts Google's
servers to download the most recent list of known phishing and malware
sites. In addition, when you visit a site that we think could be a
phishing or malware site, your browser will send Google a hashed,
partial copy of the site's URL so that we can send more information
about the risky URL. Google cannot determine the real URL you are
visiting from this information. More information about how this works is
Your copy of Google Chrome includes one or more unique application
numbers. These numbers and information about your installation of the
browser (e.g., version number, language) will be sent to Google when you
first install and use it and when Google Chrome automatically checks for
updates. If you choose to send usage statistics and crash reports to
Google, the browser will send us this information along with a unique
application number as well. Crash reports can contain information from
files, applications and services that were running at the time of a
malfunction. We use crash reports to diagnose and try to fix any
problems with the browser."