Opened 8 years ago

Closed 8 years ago

Last modified 4 years ago

#7847 closed defect (fixed)

TorBirdy NNTP Usenet Newsgroup

Reported by: proper Owned by: ioerror
Priority: Medium Milestone:
Component: Applications/TorBirdy Version:
Severity: Normal Keywords:
Cc:…, adrelanos@… Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


Please add a small statement to the TorBirdy homepage, whether it's safe to use with Usenet or not.

Child Tickets

Change History (7)

comment:1 Changed 8 years ago by sukhbir

Cc:… added

Looks good, there are no leaks or specific preferences we should be worried about.

We are now forcing NNTPS (SSL) when TorBirdy is installed (nightly build).

comment:2 Changed 8 years ago by proper

Cc: adrelanos@… added

The usenet headers are a bit different from mail headers. Are they all cleaned up?

comment:3 Changed 8 years ago by sukhbir

Yes, the headers are clean because as compared to an email message, the headers that can leak information are not different:

  • NNTP-Posting-Host: Host (IP address) of the poster: (secure) connection over Tor.
  • Message-ID: the same issue with email message applies (#6315).
  • Date: again, the same with email: set to UTC.
  • Path: not a concern.

You can confirm this just to be sure.

comment:4 Changed 8 years ago by proper

Connection security (SSL) is not activated by default. Please enable.

comment:5 Changed 8 years ago by proper

Resolution: fixed
Status: newclosed

Headers are fine.

comment:6 Changed 4 years ago by sukhbir

Severity: Blocker

Update: we are now enabling SSL when the account is created. (Earlier this was done when Thunderbird would restart or for existing accounts. Now this is done immediately after an account is created.)


comment:7 Changed 4 years ago by sukhbir

Severity: BlockerNormal

(Ignore the severity change.)

Note: See TracTickets for help on using tickets.