[tor-bugs] #7179 [EFF-HTTPS Everywhere]: Ths SSL Observatory feature leaks DNS requests without the TBB
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Sat Oct 27 12:38:08 UTC 2012
#7179: Ths SSL Observatory feature leaks DNS requests without the TBB
----------------------------------+-----------------------------------------
Reporter: gk | Owner: pde
Type: defect | Status: new
Priority: critical | Milestone:
Component: EFF-HTTPS Everywhere | Version:
Keywords: | Parent:
Points: | Actualpoints:
----------------------------------+-----------------------------------------
Comment(by gk):
Replying to [comment:4 mikeperry]:
> A PAC approach sounds plausible
Yes, but be aware that there are fun bugs like
https://bugzilla.mozilla.org/show_bug.cgi?id=468868. Dunno, if you get
away with setting the TRANSPARENT_PROXY_RESOLVES_HOST flag as this is
strictly speaking not touching the preference in question. And watch still
out for DNS leaks. I found plenty of them recently in certain
circumstances if a PAC file is used specifying a SOCKS proxy. Affected
Firefox versions are all up to and including 17. These leaks are not
reproducible in FF 18 anymore, I guess due to
https://bugzilla.mozilla.org/show_bug.cgi?id=769764 and its fallout.
>(if you can actually create PAC rules from addons)
Should not be a problem although it might be tricky to constrain the usage
of that PAC rules just to single requests assuming the user has content
loaded into some tabs...
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7179#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list