[tor-bugs] #2988 [Tor Relay]: information disclosure: operating system and platform
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Wed May 11 00:58:59 UTC 2011
#2988: information disclosure: operating system and platform
-----------------------+----------------------------------------------------
Reporter: tagnaq | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: unspecified
Component: Tor Relay | Version:
Keywords: | Parent:
Points: | Actualpoints:
-----------------------+----------------------------------------------------
Comment(by mikeperry):
The Tor network has been running for how many years now? How many times in
the past have we needed this info? It is definitely not zero for some
info, but it is zero for others. I found some very interesting results
about the circuit failure rates of Windows machines in the past, but Nick
has said this is more directly a function of libevent version and polling
method on those machines than Windows itself.
I also agree that we should drop info that makes exploits easier. The arch
string seems totally irrelevant to me. I don't think we'll ever see a
strong correlation between x86 vs x64 and tor performance or reliability
properties.. Sure, x64 may do crypto better. But crypto perf is also a
function of many other factors, and this arch info aids exploiters, and
may not actually always be obvious by remote fingerprinting with nmap if
the system is locked down in other respects.
As for using capabilities instead: we occasionally have bad bugs that
apply to specific tor minor versions. For example, the bandwidth lying bug
of 0.2.2.23-24 is a useful thing to see, and bugs of this sort are
something that will *not* be reflected in a capability string, because it
is not intentional functionality.
However, I do feel like we want more info in this string, though. It would
be very useful to have the libevent version and polling method included,
for example. These should be added to the version string, IMO.
It would be interesting to hear Nick's opinion as to if the libevent
polling method would be enough to allow us to drop the OS string entirely.
Maybe it is.
So, in my ideal world, the version string would be Tor major+minor version
+ libevent version + method, with no arch, and no git hash. Maybe also OS,
depending on what Nick says about libevent capturing this info.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2988#comment:21>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list