
Re: [tor-bugs] #15482 [Tor]: Don't surprise users with new circuits in the middle of browsing



#15482: Don't surprise users with new circuits in the middle of browsing
----------------------------+----------------------------------------------
     Reporter:  mikeperry   |      Owner:  mikeperry
         Type:  enhancement |     Status:  new
     Priority:  normal      |  Milestone:  Tor: 0.2.7.x-final
    Component:  Tor         |    Version:
   Resolution:              |   Keywords:  tbb-usability, tbb-4.5-alpha,
Actual Points:              |              MikePerry201503, tbb-wants,
       Points:              |              TorBrowserTeam201504
                            |  Parent ID:
----------------------------+----------------------------------------------

Comment (by mikeperry):

 Ok, I attached a new version that also does the stream detach hack (which
 I added primarily because we're boosting our HTTP keep-alive back up to 2
 minutes thanks to solving #4100). This version also adds some debug
 loglines, and I tested it with TBB and torsocks 1.2 and 2.0. The SOCKS u+p
 check works, but I noticed that the old torsocks 1.x actually sends the
 UNIX username as the SOCKS username by default, but the new torsocks 2.0
 has options for SOCKS u+p that are off by default.

 I also noticed that there is still a subtle distinguisher here. If a non-
 hidserv circuit has been alive for more than 10 minutes after first use,
 the only way this could happen without this patch is if a stream was still
 open on this circuit. In that case, a normal Tor client would close that
 circuit immediately after receiving the RELAY_END cell from upstream.
 However, clients running any version of this patch will keep non-hidserv
 circuits open past the 10 minute mark, and then close them without
 necessarily receiving a cell from upstream.

 I am not sure what to do about this. I think it would require a way to
 reliably differentiate hidserv from non-hidserv circuits to use
 effectively, but it might be pretty accurate after that. Does this
 distinguisher trump the usability win here?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15482#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs