[tbb-bugs] #29957 [Applications/Tor Browser]: clicking on "click to play" media leaks URLs via NoScript on-disk preferences
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Mar 29 23:26:04 UTC 2019
#29957: clicking on "click to play" media leaks URLs via NoScript on-disk preferences
------------------------------------------+--------------------------------
Reporter:      catalyst                   | Owner:      tbb-team
Type:          defect                     | Status:     new
Priority:      High                       | Milestone:
Component:     Applications/Tor Browser   | Version:
Severity:      Normal                     | Keywords:   tbb-disk-leak, newnym
Actual Points:                            | Parent ID:
Points:                                   | Reviewer:
Sponsor:                                  |
------------------------------------------+--------------------------------
A user in `#tor` reports that clicking on "click to play" media leaks
sensitive information by causing NoScript to save the URL to disk. It's
not clear whether this is an instance of #29646. It also seems that these
URLs persist for search bar completion briefly beyond "New Identity", but
not beyond a browser restart.
Partial IRC logs below:
{{{
29T22:27 <XXXXX> i'd like to report a bug in noscript in tor browser
29T22:28 <XXXXX> when media is "click to play" and i click it, the browser SAVES IT in HISTORY
29T22:28 <XXXXX> even though it is tor browser, when i start up the browser days later i find that noscript has saved that site url to the hard drive... tor browser is not supposed to keep history
29T22:29 <XXXXX> it was visible in "per-site permissions" in the noscript settings
29T22:30 <XXXXX> it includes ILLEGAL (lgbt resources) in my country, that i do not want anyone to see, but it was still being saved by tor browser
29T22:31 <XXXXX> i did not do anything "unusual" like changing settings or tweaking. i only had security slider MEDIUM and when click to play media appeared i clicked it
29T22:32 <XXXXX> i cleared the history and bleachbit wiped the computer but i'm scared
...
29T22:39 <catalyst> XXXXX: that does sound scary in your situation. and it does sound like a bug. what OS and Tor Browser version?
29T22:40 <XXXXX> catalyst: windows 7 tor browser 8.0.8
...
29T22:45 <catalyst> XXXXX: thanks. i'm asking around
29T22:46 <XXXXX> ok!
29T22:46 <XXXXX> what do i need to do to erase it? i pressed "reset settings" in noscript and i think that worked and i ran bleachbit too
29T22:47 <catalyst> XXXXX: that depends on how thoroughly you need to erase it, unfortunately
29T22:48 <XXXXX> i don't want family or authorities to see it
...
29T22:48 <XXXXX> ok and doing that with bleachbit "erase free space" helps?
...
29T22:50 <XXXXX> it erases free space because deleting files is recoverable
29T22:51 <catalyst> XXXXX: that sounds like it should help. i'm not personally familiar with bleachbit so i can't say whether or not it will be effective in this case
29T22:51 <XXXXX> ok
29T22:52 <catalyst> operating systems like Tails provide additional isolation (i believe Tails won't ever write to a disk unless you explicitly ask it to)
29T22:57 <catalyst> XXXXX: may i paste your report into a public bug report? (redacting your IRC nickname)
29T22:57 <XXXXX> catalyst: yes ok
29T22:57 <catalyst> XXXXX: thanks
29T22:58 <XXXXX> catalyst: when i clicked "reset" on the noscript settings it broke some things i think the "default settings" are not the same ones tor uses so resetting to default breaks some things. a check mark is now checked called "override tor browser security preset" and even on MEDIUM slider settings it makes javascript disabled
29T22:58 <XXXXX> so also the reset option breaks things too!
29T23:03 <catalyst> XXXXX: that sounds unfortunate, but not too surprising. Tor Browser can't always handle unusual user interactions with the components it depends on. we can only try to fix stuff like this as we learn about it
29T23:03 <XXXXX> ok
29T23:03 <XXXXX> i'll delete and install the browser again
...
29T23:12 <XXXXX> catalyst: one other scary thing that might be related. when i visit sites after i press "new identity" that restarts the browser. when the new browser opens then i type something into the search bar at the top and sometimes it suggests the sites i was just viewing BUT for a split second then they vanish!
29T23:13 <XXXXX> i only noticed it when pressing "new identity" but not if i close the browser then open it myself instead. but after the suggested sites vanish they don't appear again and that is weird
29T23:15 <@arma> XXXXX: i would believe this -- new identity does a pile of things, and it does them in some order. it should probably change its order so you don't get confused into thinking it is done until it really is done.
29T23:15 <catalyst> XXXXX: that does seem scary. the behavior difference between "new identity" and restarting the browser is helpful to know, though. i'll add it to the bug report
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29957>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online