Opened 5 years ago

Closed 4 years ago

Last modified 14 months ago

#7847 closed defect (fixed)

TorBirdy NNTP Usenet Newsgroup

Reported by: proper Owned by: ioerror
Priority: Medium Milestone:
Component: Applications/TorBirdy Version:
Severity: Normal Keywords:
Cc: sukhbir.in@…, adrelanos@… Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Please add a small statement to the TorBirdy homepage, whether it's safe to use with Usenet or not.

Child Tickets

Change History (7)

comment:1 Changed 5 years ago by sukhbir

  • Cc sukhbir.in@… added

Looks good, there are no leaks or specific preferences we should be worried about.

We are now forcing NNTPS (SSL) when TorBirdy is installed (nightly build).

comment:2 Changed 5 years ago by proper

  • Cc adrelanos@… added

The usenet headers are a bit different from mail headers. Are they all cleaned up?

comment:3 Changed 5 years ago by sukhbir

Yes, the headers are clean because as compared to an email message, the headers that can leak information are not different:

  • NNTP-Posting-Host: Host (IP address) of the poster: (secure) connection over Tor.
  • Message-ID: the same issue with email message applies (#6315).
  • Date: again, the same with email: set to UTC.
  • Path: not a concern.

You can confirm this just to be sure.

comment:4 Changed 4 years ago by proper

Connection security (SSL) is not activated by default. Please enable.

comment:5 Changed 4 years ago by proper

  • Resolution set to fixed
  • Status changed from new to closed

Headers are fine.

comment:6 Changed 14 months ago by sukhbir

  • Severity set to Blocker

Update: we are now enabling SSL when the account is created. (Earlier this was done when Thunderbird would restart or for existing accounts. Now this is done immediately after an account is created.)

0f1d01af

comment:7 Changed 14 months ago by sukhbir

  • Severity changed from Blocker to Normal

(Ignore the severity change.)

Note: See TracTickets for help on using tickets.