[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #5220 [Tor Client]: Intelligently use capabilities/privileges and drop what we don't need for Debian Gnu/Linux

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #5220 [Tor Client]: Intelligently use capabilities/privileges and drop what we don't need for Debian Gnu/Linux
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Sun, 04 Mar 2012 02:29:22 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 03 Mar 2012 21:29:33 -0500
In-reply-to: <047.5779060070400c7e7494e8180a6de5b9@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bug tracker status mails <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <047.5779060070400c7e7494e8180a6de5b9@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#5220: Intelligently use capabilities/privileges and drop what we don't need for
Debian Gnu/Linux
-------------------------+--------------------------------------------------
 Reporter:  ioerror      |          Owner:                   
     Type:  enhancement  |         Status:  needs_information
 Priority:  major        |      Milestone:  Tor: unspecified 
Component:  Tor Client   |        Version:  Tor: unspecified 
 Keywords:  security     |         Parent:  #5219            
   Points:               |   Actualpoints:                   
-------------------------+--------------------------------------------------

Comment(by cypherpunks):

 >Please explain in more detail so that someone can break this part.
 I'm not familiar with the code base. But as I said, I have my doubts as
 well whether this strategy would work at all, except for the pluggable
 transport:

 >A pluggable transport server has access to clients' IP addresses, can log
 the times, sizes, and directions of traffic burts, and can redirect all
 connections from new clients to an attacker-controlled relay for circuit-
 level traffic logging.

 Isn't that the same capabilities as the ISP already has? None of that,
 even combined necessarily breaks the user's security expectations. But
 they are broken if the transport server can be remotely exploited to phone
 home through a circuit as opposed to directly sending malformed packets as
 a neighboring node. Still, it "rises the bar". That's all we can hope for,
 till Tor is completely formally verified.

 I think far more fruitful than introducing a multi-process architecture
 now is compiler hardening and thinking about the TorBrowser security
 architecture...

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5220#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #5234 [Company]: Create account for Isis
Next by Author: Re: [tor-bugs] #5220 [Tor Client]: Intelligently use capabilities/privileges and drop what we don't need for Debian Gnu/Linux
Previous by thread: Re: [tor-bugs] #5220 [Tor Client]: Intelligently use capabilities/privileges and drop what we don't need for Debian Gnu/Linux
Next by thread: Re: [tor-bugs] #5220 [Tor Client]: Intelligently use capabilities/privileges and drop what we don't need for Debian Gnu/Linux
Index(es):
- Author
- Thread