Opened 8 years ago

Closed 8 years ago

Last modified 7 years ago

#5511 closed enhancement (fixed)

Make clearer in the doc NOT to include bridges in MyFamily

Reported by: koolfy
Owned by:
Priority: Low
Milestone:
Component: Core Tor/Tor
Version: Tor: 0.2.3.13-alpha
Severity:
Keywords: torrc faq myfamily bridge tor-bridge
Cc: koolfy@…
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:

Description

Right now, the default torrc (https://gitweb.torproject.org/tor.git/blob_plain/HEAD:/src/config/torrc.sample.in) says:

## Uncomment this if you run more than one Tor relay, and add the identity
## key fingerprint of each Tor relay you control, even if they're on
## different networks. You declare it here so Tor clients can avoid
## using more than one of your relays in a single circuit. See
## https://www.torproject.org/docs/faq#MultipleRelays
#MyFamily $keyid,$keyid,...

However, as rransom pointed out to me, bridges should NEVER see their fingerprints set in the MyFamily setting.

rransom | DO NOT include a bridge's fingerprint in any Tor instance's MyFamily torrc line.
rransom | Anyone can use a bridge's fingerprint to find its current TCP address.

This should be clearly enunciated both in the torrc file AND in the FAQ ( https://www.torproject.org/docs/faq#MultipleRelays ) to be sure to avoid any user error.
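An operator-side check for the rule stated in the description, as an added example that is not part of the ticket or of Tor's code: it parses each instance's torrc and reports any MyFamily line that lists the fingerprint of an instance configured with BridgeRelay 1. The instance labels, fingerprints and torrc contents are constructed, and the function names are this example's own.

```python
import re

# 40 hex digits with an optional "$" prefix; any other MyFamily entry is ignored.
FP_RE = re.compile(r"^\$?([0-9A-Fa-f]{40})$")

def parse_torrc(text):
    """Return (option, value) pairs; drops '#' comments, joins '\\' continuations."""
    opts, pending = [], ""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if line.endswith("\\"):
            pending += line[:-1] + " "
            continue
        parts = (pending + line).split(None, 1)
        pending = ""
        if parts:
            # Option names are case-insensitive, so normalise them.
            opts.append((parts[0].lower(), parts[1].strip() if len(parts) > 1 else ""))
    return opts

def family_fingerprints(opts):
    """Upper-case fingerprints from every MyFamily line in a parsed torrc."""
    fps = set()
    for name, value in opts:
        if name == "myfamily":
            for item in value.split(","):
                m = FP_RE.match(item.strip())
                if m:
                    fps.add(m.group(1).upper())
    return fps

def audit(instances):
    """instances maps label -> (fingerprint, torrc text).
    Returns sorted (torrc_label, bridge_label) pairs where a bridge is listed."""
    parsed = {label: parse_torrc(text) for label, (_, text) in instances.items()}
    bridges = {fp.upper(): label for label, (fp, _) in instances.items()
               if ("bridgerelay", "1") in parsed[label]}
    return sorted((label, bridges[fp]) for label, opts in parsed.items()
                  for fp in family_fingerprints(opts) if fp in bridges)

# Constructed sample: fingerprints and torrc contents are made up.
FP_A, FP_B, FP_C = "A" * 40, "B" * 40, "C" * 40
SAMPLE = {
    "relay-a": (FP_A, "ORPort 9001\nMyFamily $" + FP_B + ", \\\n  $" + FP_C.lower() + "\n"),
    "relay-b": (FP_B, "ORPort 9001\n#MyFamily $" + FP_C + "\nMyFamily $" + FP_A + "\n"),
    "bridge-c": (FP_C, "ORPort 443\nBridgeRelay 1\n"),
}

if __name__ == "__main__":
    for torrc, bridge in audit(SAMPLE):
        print(f"{torrc}: MyFamily lists bridge {bridge}; remove that fingerprint")
```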

Attachments (2)

fix_torrc_myfamily_bridge.patch (1.7 KB) - added by koolfy 8 years ago.
fix_torrc_myfamily_bridge-v2.patch (2.7 KB) - added by koolfy 8 years ago.
second iteration of this little patch to clarify not listing bridges in MyFamily

Change History (11)

comment:1 Changed 8 years ago by rransom

Component: - Select a component → Tor Bridge

What does the tor(1) man page say about the MyFamily option?

Changed 8 years ago by koolfy

comment:2 Changed 8 years ago by koolfy

Added a patch for both src/config/torrc.sample.in and src/config/torrc.bridge.in adding those 2 lines:

+## However, you should never include a bridge's fingerprint here, as it would
+## break its concealability and potentionally reveal its IP/TCP address.
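
Review bot: "potentionally" in the second added line is a typo for "potentially", and since this comment lands in both torrc.sample.in and torrc.bridge.in it should be fixed before merge. The word "here" also narrows the warning to this file's MyFamily line, whereas the concern quoted in the ticket is a bridge's fingerprint appearing in any Tor instance's MyFamily line; in torrc.bridge.in in particular, consider wording such as "never list a bridge's fingerprint in any MyFamily line", and state the reason as the ticket does (the fingerprint can be used to find the bridge's address) in place of "IP/TCP address".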

Please let me know if I did something wrong as this is my first patch.

@rransom
The tor(1) man page basically says the same as the torrc and the FAQ, in different words, and no mention of the bridge issue either.

comment:3 Changed 8 years ago by koolfy

Cc: koolfy@… added

I added a warning in the tor(1) manpage:

  • family; it doesn't need to list itself, but it won't hurt.)

+ family; it doesn't need to list itself, but it won't hurt.) Do not list
+ any bridge relay as it would compromise its concealment.
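
Review bot: the added manpage sentence "Do not list any bridge relay as it would compromise its concealment" gives the rule but not the mechanism, and uses "concealment" where the torrc comment in the same patch uses "concealability". Suggest using one term in both places and adding the reason given in the ticket, that a bridge's fingerprint can be used to find its current address, so readers of tor(1) alone understand why the exception exists.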

The new patch (fix_torrc_myfamily_bridge-v2.patch) contains both changes.

Are there other places in the source where it may be needed to be pointed out too?

The only thing left for this "issue" to be completely addressed would be to add a similar sentence in https://www.torproject.org/docs/faq#MultipleRelays

Changed 8 years ago by koolfy

second iteration of this little patch to clarify not listing bridges in MyFamily

comment:4 Changed 8 years ago by rransom

Status: new → needs_review

Oooh! A patch!

comment:5 Changed 8 years ago by nickm

Looks good -- we should probably have tor.1.txt (the manpage source) say this too.

comment:6 in reply to:  5 Changed 8 years ago by koolfy

Replying to nickm:

Looks good -- we should probably have tor.1.txt (the manpage source) say this too.

That's why I made the second patch. I forgot about tor.1.txt

The second patch includes both the torrc sample files AND tor.1.txt, so if there isn't anything else, the second patch does the job.

comment:7 Changed 8 years ago by nickm

Resolution: fixed
Status: needs_review → closed

It looks like you did! Somehow I missed that there were two patches in that file.

Merged to master; thanks!

comment:8 Changed 7 years ago by nickm

Keywords: tor-bridge added

comment:9 Changed 7 years ago by nickm

Component: Tor Bridge → Tor