Re: [tor-bugs] #7085 [Tor bundles/installation]: Integrate Cryptocat Browser Extension into Tor Browser Bundle

["Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>]

#7085: Integrate Cryptocat Browser Extension into Tor Browser Bundle
--------------------------------------+-------------------------------------
 Reporter:  kaepora                   |          Owner:  erinn                        
     Type:  enhancement               |         Status:  new                          
 Priority:  normal                    |      Milestone:  TorBrowserBundle 2.2.x-stable
Component:  Tor bundles/installation  |        Version:  Tor: unspecified             
 Keywords:                            |         Parent:                               
   Points:                            |   Actualpoints:                               
--------------------------------------+-------------------------------------

Comment(by mikeperry):

 Unfortunately, putting Cryptocat into the default TBB is not zero
 cost/zero risk. Here's a list of things that would make me feel better
 about the decision.

 First and foremost, I'd want to be absolutely sure that it didn't
 potentially expose even users who didn't use it to XUL XSS bugs or other
 vulnerabilities. Related. I'd want to be sure the UI didn't confuse or
 distract users who didn't know what it was for.

 Second, I am very concerned that there were XUL XSS bugs in the chat
 windows. To me, that's a bad sign. Ideally, I'd like to see something on
 your side (ie a tag in your bugtracker or some other document you wrote)
 that enumerates the patches that resulted from your first audit.

 Third, while it does look like the audit was extremely thorough, I think
 I'd prefer a second one for this reason. XUL XSS is quite serious, and
 since you're writing a network-facing app with lots of user and network
 provided content, its critical that your code receives lots of this type
 of review. I also want to feel sure you understand the issues and
 vulnerability vectors here, so I can be confident they won't reappear in
 future versions as you add features.

 Fourth, I guess I am mildly concerned about the crypto security. I don't
 believe it's impossible to do crypto with JS, but I would prefer it if the
 underlying primitive implementations also had a chance for review,
 especially since our inclusion of this addon would probably be seen as
 endorsement of its crypto and security by many.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7085#comment:26>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs