TBB proxy bypass: Some DNS requests not going through Tor
|Reported by:||cypherpunks||Owned by:||mikeperry|
|Component:||Firefox Patch Issues||Version:|
|Keywords:||MikePerry201205||Cc:||g.koppen@…, mikeperry, StrangeCharm, tails@…, mk@…|
|Actual Points:||3||Parent ID:|
No DNS request should be made through the normal internet, everything should go through Tor. The DNS requests leak information of which sites you are browsing in your Tor Browser.
How to reproduce:
- Download and verify "tor-browser-gnu-linux-i686-2.2.35-10-dev-en-US.tar.gz"
- Start up Wireshark to monitor your network, optionally filtering for "dns"
- Unpack Tor and start it by running the "start-tor-browser" script
- Once TorBrowser is open, go to "http://bitcoincharts.com/"
- See DNS request for "bitcoincharts.com" being logged in Wireshark
Tor Browser Bundle for 32-bit Linux, version 2.2.35-10
Running on Fedora 16
This is not the first time some rarely triggered bug in Firefox causes Tor to be bypassed, and certainly will not be the last one. Since these bugs have a very high security impact I propose they are guarded against. How about running Firefox inside some kind of firewall that drops all network packets not going to Tor?
Change History (27)
comment:3 Changed 23 months ago by rransom
- Cc mikeperry added
- Priority changed from critical to blocker
comment:12 Changed 23 months ago by mikeperry
- Actual Points set to 3
- Keywords MikePerry201205 added
- Points set to 3
- Resolution set to fixed
- Status changed from new to closed
comment:25 Changed 22 months ago by mikeperry
- Component changed from Tor bundles/installation to Firefox Patch Issues
- Resolution fixed deleted
- Status changed from closed to reopened
comment:26 Changed 22 months ago by mikeperry
- Owner changed from erinn to mikeperry
- Status changed from reopened to assigned