[tbb-dev] Tag: sandboxed-tor-browser-0.0.12
Yawning Angel
yawning at schwanenlied.me
Tue Aug 1 20:53:03 UTC 2017
Hello,
I tagged sandboxed-tor-browser 0.0.12 just now.
Changes in version 0.0.12 - 2017-08-01:

 * Bug 22969: Disable the addon blocklist.
 * Bug 22984: Force IDNs to be displayed as punycode to thwart homograph
   attacks.
 * Bug 22967: Force disable crashdump reporting.
 * Bug 23058: Apply the SelfRando workaround to 7.5a3 as well.
 * Default disable `dom.securecontext.whitelist_onions`.

Rationale for the potentially controversial changes is as follows:

 * Disabling the addon blocklist is done to thwart Mozilla from
   attempting to disable extensions critical to Tor Browser
   functionality.

   While this would have a net negative impact on user security if
   non-standard addons had security problems that required emergency
   disabling, the sandbox was changed to exclude non-standard addons
   when creating the container as of 0.0.11.

   Enabling non-standard addons in the sandbox would require altering
   the source code and rebuilding. Anyone who does that is on their
   own.

 * Forcing IDNs to be displayed as punycode is the mitigation for
   #21961. Mozilla isn't fixing this, the Tor Browser developers are
   apparently busy, so the sandbox will do it.

 * Force disabling crashdump reporting is a pre-emptive opt out from
   the GSOC crash reporting project. I do not have time to examine how
   crash dumps are sanitized, and until I do, I will treat them as
   a massive anonymity hazard.

   Till crashdumps are enabled (hopefully as an opt-in with lots of
   warning labels), this will have no effect.

 * Default disabling `dom.securecontext.whitelist_onions` means that
   unless the user manually flips the pref, the `.onion` TLD will
   retain the existing 7.0.x behavior.

   As I've said before, I'm firmly against any changes that blur the
   line between Onion Services and TLS with a CA signed cert. People
   are free to disagree, but I'm unlikely to change my mind.

   Till the pref is actually implemented, this will have no effect.

Regards,
--
Yawning Angel
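
Added example, not part of the original message and not code from sandboxed-tor-browser: a short Python sketch of what forcing IDNs to punycode does to a look-alike hostname, and why the displayed form stops matching the name it imitates. The function names and the sample hostnames are assumptions made for illustration; the conversion uses Python's built-in "idna" codec (IDNA 2003).

```python
import unicodedata


def punycode_display(host: str) -> str:
    """Render a hostname under an 'always show punycode' policy:
    every non-ASCII label is replaced by its xn-- (ACE) form."""
    shown = []
    for label in host.rstrip(".").split("."):
        if label.isascii():
            shown.append(label.lower())
        else:
            # The built-in "idna" codec applies IDNA 2003 ToASCII per label.
            shown.append(label.encode("idna").decode("ascii"))
    return ".".join(shown)


def scripts_in_label(label: str) -> set:
    """Coarse script guess: first word of each letter's Unicode name."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0]
            for ch in label if ch.isalpha()}


def audit(host: str) -> dict:
    """Summarise what a user would see and which labels mix scripts."""
    labels = host.rstrip(".").split(".")
    return {
        "typed": host,
        "displayed": punycode_display(host),
        "non_ascii": not host.isascii(),
        "mixed_script_labels": [l for l in labels
                                if len(scripts_in_label(l)) > 1],
    }


# Constructed samples: LOOKALIKE starts with CYRILLIC SMALL LETTER A (U+0430),
# which renders like the Latin "a" in GENUINE in most fonts.
GENUINE = "apple.com"
LOOKALIKE = "\u0430pple.com"

if __name__ == "__main__":
    for name in (GENUINE, LOOKALIKE):
        print(audit(name))
```

With punycode display forced, the two names no longer look alike: the ASCII name is shown unchanged while the mixed-script one is shown in its xn-- form.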