[tor-bugs] #1676 [Tor bundles/installation]: Audit jabber/XMPP support for pidgin

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Mon Apr 30 04:00:20 UTC 2012 

#1676: Audit jabber/XMPP support for pidgin
--------------------------------------+-------------------------------------
 Reporter:  katmagic                  |          Owner:  ioerror 
     Type:  defect                    |         Status:  assigned
 Priority:  critical                  |      Milestone:          
Component:  Tor bundles/installation  |        Version:          
 Keywords:  pidgin, DNS               |         Parent:  #2918   
   Points:                            |   Actualpoints:          
--------------------------------------+-------------------------------------

Comment(by rubin110):

 So after scratching my brain for a bit, actually rereading much of this
 thread, and a bit of retesting...

 The new build people have been speaking of is Pidgin, the change is a new
 item in the proxy type menu called "Tor/Privacy (SOCKS5)" which seems to
 push DNS through Tor.

 Via the XMPP connection protocol I'm able to make successful connections
 to CCC's jabber server and talk.google.com without any DNS leakage.

 The "GTalk" connection protocol uses gmail.com as the server, which seems
 to choke on making SRV look ups. This is also the case if gmail.com is
 used as the server in the XMPP connection protocol. Basically it fails to
 connect but with no DNS leakage.

 I don't know if whoever packages this could simply rebuild Pidgin with
 talk.google.com in the server spot by default for GTalk instead of
 gmail.com. Additionally I have the feeling if the exit node is terminating
 out of Germany, gmail.com wont actually work, but I could be wrong.

 Also tested under the new Tor/Privacy proxy type was chatting over AIM,
 which worked without issue. Is Tor planning to support any other IM
 protocols? If so I can quickly test the rest of those out too.

 I'm going to poke file transfers and other forms of possibly leakage in a
 bit, with a primary focus on XMPP through CCC and talk.google.com.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/1676#comment:37>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list