[tor-bugs] #21304 [Obfuscation/Snowflake]: Sanitize snowflake.log
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Mar 21 15:25:41 UTC 2019
#21304: Sanitize snowflake.log
-----------------------------------+------------------------------
Reporter: arlolra | Owner: cohosh
Type: defect | Status: needs_review
Priority: Medium | Milestone:
Component: Obfuscation/Snowflake | Version:
Severity: Normal | Resolution:
Keywords: starter | Actual Points:
Parent ID: | Points: 1
Reviewer: | Sponsor:
-----------------------------------+------------------------------
Changes (by cohosh):
* status: assigned => needs_review
Comment:
Made some changes to the scrubber and added it to the other go components
(proxy-go, broker, client). The candidate is here:
https://github.com/cohosh/snowflake/compare/ticket21304
One of the problems I can forsee with the current code is that I had to
introduce a hack to make the scrubber leave fingerprints alone. This is
based off the assumption that logged IPv6 addresses are enclosed in
{{{[,]}}} brackets. As far as I can tell, this seems to be the case but it
makes me a bit uncomfortable.
What are our feelings about scrubbing fingerprints from logs as well? Is
it necessary? The one in particular I'm looking at is the received answer
in the client log:
{{{
a=ice-options:trickle
a=fingerprint:sha-256
8D:CE:FE:08:F1:AC:32:30:88:D1:B4:1A:34:84:19:C2:43:18:4A:57:A9:20:2F:DC:C2:32:01:38:F9:8B:E5:8C
a=setup:active
a=mid:data
}}}
If we don't need the fingerprint, I'd prefer to "over scrub" instead of
potentially leaking info if the IPv6 logging violates the above
assumption.
I did a cursory glance at the sanitized logs and there are no obvious
privacy-related leaks at the moment.
Putting this in needs_review because, while there are other logging
changes that could be made, most are concerned with the verbosity of the
output which is a separate issue.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21304#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list