Opened 5 years ago

Last modified 3 years ago

#16395 new defect

Circuit isolation by SOCKS proxy may be breaking other proxies or non-proxies

Reported by: GigabyteProductions Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords:
Cc: adrelanos@… Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


If, for whatever reason, the user wants to disable the Tor Browser from connecting to their local Tor daemon (such as to prevent tor-through-tor with forced transparent torrification, or use the Tor Browser for it's security rather than it's anonymity, or point the Tor Browser to an SSH SOCKS proxy), they will find that since the release of the Tor Browser 4.5.1, it will fail to connect to any SOCKS proxy that isn't a Tor daemon, and it will complain saying, "Firefox is configured to use a proxy server that can't be found." when proxies are disabled.

I believe the cause of this issue is or a related commit to the Tor Button. Disabling the Tor Button resolves the issue, but this isn't desired as the Tor Button provides additional protections such as the HTML5 canvas extraction.

This can easily be recreated by having the 32-bit Linux package of the Tor Browser, and the attached 0000tor-use-system-4.5.2test.js file in the current directory, and then running something along the lines of:

xz -d < tor-browser-linux32-4.5.2_en-US.tar.xz | tar -xv
cp 0000tor-use-proxy-4.5.2test.js tor-browser_en-US/Browser/TorBrowser/Data/Browser/profile.default/preferences/
tor-browser_en-US/Browser/start-tor-browser --verbose

The above assumes there is a SOCKS5 proxy running on your machine on port 1080. This can easily be done with something like

ssh -Dlocalhost:1080 localhost -N

Child Tickets

Attachments (1)

0000tor-use-proxy-4.5.2test.js (3.7 KB) - added by GigabyteProductions 5 years ago.
Pre-configuration file for Tor Browser before first start

Download all attachments as: .zip

Change History (4)

Changed 5 years ago by GigabyteProductions

Pre-configuration file for Tor Browser before first start

comment:1 Changed 5 years ago by cypherpunks

Likely breaks connections to other HTTP proxies like I2P and prevents use of TorBrowser for security.

comment:2 Changed 5 years ago by proper

Cc: adrelanos@… added

comment:3 Changed 3 years ago by teor

Severity: Normal

Set all open tickets without a severity to "Normal"

Note: See TracTickets for help on using tickets.