Bypassing proxy settings?
Post was posted to blog's comments:
One TBB behaviour that continues to trouble me is that Firefox continues to try to connect to the internet. I use standard install on ubuntu with no add-ons (tor-browser-linux32-3.5.2.1_en-US.tar) and with js disabled in both NoScript and about:config.
I see additional changes with each update that improve browser isolation by disabling / blocking more auto-connect threats like blacklist updates, rule-set updates, safebrowsing reporting...etc...etc...
So with every new TBB release, I have renewed hope that Firefox will not go outside of the tor process with an internet connection attempt. Each release I allow tor to access the internet and firefox to access tor via 127.0.0.1. Each release I am either immediately or later disappointed when Firefox attempts its own internet connection.
My concerns...
-
Why does TBB continue to be released with default settings that allow Firefox automatically seek an internet connection? I can not imagine this not being noted in testing. What is trying to connect and what information is trying to be shared?
-
How many people trust any connections from TBB and allow both tor and TBB Firefox connections to outside world? Why is this not a significant security flaw? Tor works fine when I block these Firefox external connection attempts. I run a minimal ubuntu box with standard Forefox gutted to the best of my ability. I have a process connection map running and see that the Firexoz attempting to connect is from the TBB package.
-
If this behaviour is known and accepted, how do we know that connections are not being made and information being sent to unknown locations by Firefox through tor? This is something that I would never catch even with my layers of application and port level firewalls...
Sorry that I do not have Wireshark capabilities, but can not imagine that this behaviour is not seen on all installations.
Thanks for your efforts.
inside