[tor-bugs] #5741 [Tor bundles/installation]: TBB proxy bypass: Some DNS requests not going through Tor

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Wed May 2 21:17:37 UTC 2012


#5741: TBB proxy bypass: Some DNS requests not going through Tor
--------------------------------------+-------------------------------------
 Reporter:  cypherpunks               |          Owner:  erinn
     Type:  defect                    |         Status:  new  
 Priority:  blocker                   |      Milestone:       
Component:  Tor bundles/installation  |        Version:       
 Keywords:                            |         Parent:       
   Points:                            |   Actualpoints:       
--------------------------------------+-------------------------------------

Comment(by rransom):

 Replying to [comment:7 mikeperry]:
 > Replying to [comment:6 arma]:
 > > Replying to [ticket:5741 cypherpunks]:
 > > > This is not the first time some rarely triggered bug in Firefox
 causes Tor to be bypassed, and certainly will not be the last one. Since
 these bugs have a very high security impact I propose they are guarded
 against. How about running Firefox inside some kind of firewall that drops
 all network packets not going to Tor?
 > >
 > > It would be great to see some very simple instructions for launching
 Tails in a VM in Windows.
 >
 > I thought tails stopped shipping with a catch-all/drop-all transproxy
 rule?

 Tails now drops all outgoing packets whose destination IP address is not
 RFC-1918 private.  Tails stopped using transparent proxy configuration in
 order to try to keep random crap on the system from linking the user's
 web-browsing activities, but still configures Tor as the GNOME default
 SOCKS proxy, which defeats most of that purpose.

 Tails 0.10.1 allowed traffic to/from RFC-1918 private addresses; I don't
 know whether Tails 0.11 does.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5741#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list