[tor-bugs] #6451 [TorBirdy]: add proxy / tor connectivity check / mail header check

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Tue Jul 24 01:08:42 UTC 2012 

#6451: add proxy / tor connectivity check / mail header check
-------------------------+--------------------------------------------------
 Reporter:  proper       |          Owner:  ioerror
     Type:  enhancement  |         Status:  new    
 Priority:  normal       |      Milestone:         
Component:  TorBirdy     |        Version:         
 Keywords:               |         Parent:         
   Points:               |   Actualpoints:         
-------------------------+--------------------------------------------------

Comment(by ioerror):

 I'm not a fan of this feature at all. It requires a lot of infrastructure
 for basically no gain.

 If we want to check if we're using Tor, I propose we incorporate the
 TorCheck code from Torbutton that hits check.torproject.org and queries
 it. We added a very light weight query string that will return a very
 small bit of text to parse. I don't think it should be automatic but if
 someone wants a button to check, I support that kind of check/button.

 The rest of the stuff sounds like a nightmare to run and we'd then have to
 manage a key, etc - building that kind of infrastructure seems like a
 cumbersome solution where an attacker can just lie to give users a false
 sense of security. They in theory would require the gpg key but since it
 would be signing stuff - we'd need to keep it online. This is unlike the
 current key that I use to sign TorBirdy which is kept offline.

 I also feel that it might make sense to give Tor a special hostname, where
 we check the response - I see no reason why we can't extend Tor to give us
 a bit of detail that doesn't send network traffic. In theory, we can use
 the control port but I don't think thunderbird needs access to a control
 port for more than a "is Tor working" and a "did we just use Tor properly"
 feedback loop.

 Another key point is that an attacker can transparently route a non-
 torified client into the Tor network and all of the above checks would
 _work_ and no one would be the wiser...

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6451#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list