[tor-bugs] #16625 [Tor Browser]: Verify network predictor doesn't introduce linkability
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Jul 22 02:50:33 UTC 2015
#16625: Verify network predictor doesn't introduce linkability
-------------------------+-------------------------------------------------
Reporter: | Owner: mikeperry
mikeperry | Status: assigned
Type: defect | Milestone:
Priority: normal | Version:
Component: Tor | Keywords: tbb-linkability, tbb-5.0a4,
Browser | ff38-esr, TorBrowserTeam201507, MikePerry201507
Resolution: | Parent ID:
Actual Points: |
Points: |
-------------------------+-------------------------------------------------
Comment (by mikeperry):
I looked at the source, and nsIOService::SpeculativeConnect() in
combination with IOServiceProxyCallback::OnProxyAvailable() seems to
prevent predictions from happening because we have a proxy set. However,
the code still seems to create cache entries in about:cache somehow, and
disabling the pref prevents that.
It is simple enough to hack the code to actually enable prediction for
proxied connections, which I think might be a good idea for us, except
that Arthur's OCSP patch doesn't properly carry through the isolation
parameters involved in predicted requests, so they would violate our
connection isolation. The isolation parameters were similarly not applied
in the cached prediction entries, which is also worrisome.
I am going to commit a pref flip to disable prediction entirely, and file
a new ticket for fixing prediction and actually enabling it post-5.0. My
guess is that in addition to potential isolation issues, it probably will
turn up a few fun connection usage edge cases, since it seems that Mozilla
likely has never even tested it with proxy support enabled.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16625#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list