[tor-bugs] #7085 [Tor bundles/installation]: Integrate Cryptocat Browser Extension into Tor Browser Bundle
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Nov 22 20:39:00 UTC 2012
#7085: Integrate Cryptocat Browser Extension into Tor Browser Bundle
--------------------------------------+-------------------------------------
Reporter: kaepora | Owner: erinn
Type: enhancement | Status: new
Priority: normal | Milestone: TorBrowserBundle 2.2.x-stable
Component: Tor bundles/installation | Version: Tor: unspecified
Keywords: | Parent:
Points: | Actualpoints:
--------------------------------------+-------------------------------------
Comment(by mikeperry):
kaepora: Is there a tag in your bugtracker so we can look over the bugs
found as a result of the audit?
Also, if NSS is only used as a source of random bytes, you should consider
using https://developer.mozilla.org/en-
US/docs/XPCOM_Interface_Reference/nsIRandomGenerator. It uses NSS's PRNG
underneath. The reason to avoid jsctypes is because it increases the
vulnerability surface for sandboxed TBBs. We're pondering removing it if
we ever get a working sandbox (see #6152).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7085#comment:19>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list