[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy?

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy?
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Tue, 10 Apr 2018 15:40:27 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 10 Apr 2018 11:40:40 -0400
In-reply-to: <051.a81a815b3e13c48730956f85e7c5439d@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <051.a81a815b3e13c48730956f85e7c5439d@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#25737: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy?
--------------------------------------+--------------------------
 Reporter:  cypherpunks               |          Owner:  tbb-team
     Type:  defect                    |         Status:  new
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:                            |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------

Comment (by mcs):

 Replying to [comment:10 cypherpunks]:
 > Sorry for my delay, I had to ask the network administrator: the logs and
 cache contain an entry for `aus1.torproject.org`.

 To add to gk's questions: does the presence of `aus1.torproject.org` in
 your log mean that something did a DNS lookup on that name? I assume so,
 which means the leaked request was an application update request.

 There are at least three possible explanations for the request you saw:
 1. At some point in the past, the default browser proxy preferences were
 modified. Then you started Tor Browser and an application update request
 was sent before the settings were reset to the correct values (which
 Torbutton does during application startup in conjunction with Tor
 Launcher). I think this scenario might occur if transproxy mode was
 enabled at some prior time.
 2. There is a bug in Torbutton or Tor Launcher which temporarily caused
 the wrong proxy settings to be configured. Looking at the code, I do not
 see such a bug but it might be there.
 3. There is a proxy bypass bug in Tor Browser (and probably Firefox as
 well) that is triggered under certain conditions.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25737#comment:16>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser Bundle IP Leak
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #25423 [Core Tor/Stem]: Treat 'ExitRelay 0' as a reject-all policy
Next by Author: Re: [tor-bugs] #3029 [Core Tor/Tor]: We should save received documents before parsing them
Previous by thread: Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy?
Next by thread: Re: [tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy?
Index(es):
- Author
- Thread