Opened 5 years ago
Last modified 3 years ago
#15499 new defect
Onion sites circuits are not properly isolated to URL bar domain
| Reported by: | gk | Owned by: | tbb-team |
|---|---|---|---|
| Priority: | High | Milestone: | |
| Component: | Applications/Tor Browser | Version: | |
| Severity: | Normal | Keywords: | tbb-linkability |
| Cc: | s7r, mikeperry, arthuedelstein, fdsfgs@… | Actual Points: | |
| Parent ID: | Points: | ||
| Reviewer: | Sponsor: |
Description
As mentioned on IRC, s7r's test case and results are:
I have setup an .onion which loads an image from another onion. it creates 2 circuits but it's smart enough when I access the second onion where the resources are loaded from, it uses the same circuit used to load the resources initially.
This seems not the thing we want. As mikeperry noted we want to have the access to the second onion over a different circuit than loading the resources while accessing onion 1.
This might actually require a Tor patch (too).
Child Tickets
Change History (4)
comment:1 Changed 5 years ago by
comment:2 Changed 5 years ago by
As I understand it s7r was talking about whole circuits (6 hops) that are the same.
comment:3 Changed 3 years ago by
| Severity: | → Normal |
|---|
I opened #21237 for what might be the Tor side of this idea (if we decide it's worth it).
comment:4 Changed 3 years ago by
| Cc: | fdsfgs@… added |
|---|
Note: See
TracTickets for help on using
tickets.
Just so I understand -- connections to the two onion sites are currently the same between the client and the rendezvous point, but different from rendezvous point to each onion server, correct? That seems OK to me, in the sense that this is the same behavior we use for non-onion sites. Or am I missing something?