[tor-bugs] #17367 [Applications/Tor Browser]: Swap files can contain evidence of browsing history

[Tor Bug Tracker & Wiki]

#17367: Swap files can contain evidence of browsing history
--------------------------------------+--------------------------
 Reporter:  arthuredelstein           |          Owner:  tbb-team
     Type:  defect                    |         Status:  new
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Major                     |     Resolution:
 Keywords:  tbb-disk-leak             |  Actual Points:
Parent ID:  #17208                    |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------

Comment (by mikeperry):

 Replying to [comment:9 boklm]:
 > It looks like Windows has a ClearPageFileAtShutdown option to clear the
 paging file at shutdown:
 > https://support.microsoft.com/en-us/kb/314834

 Can we set this key from Tor Browser as a non-admin user? Also, I don't
 know if "Machine Shutdown" is the right time to clear this data.

 For another approach: I discussed this with some folks at OTF, and they
 suggested a "Secure Shutdown" option that attempts to allocate and zero
 all of the memory on the system in a malloc+memset loop, until malloc
 fails (presumably once all the swap space has been used). We'd want
 probably to do this from a separate process launched after Tor Browser
 actually exits, or at least after we're certain that the current Tor
 Browser heap is fully freed. We'd want to prompt the user from Tor Browser
 before doing this, since it will be slow and other apps may OOM, but
 otherwise this approach seems simple and cross-platform. It might do the
 trick?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17367#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online