Disable download manager scanning (reports downloads to cloud for many AV systems)
|Reported by:||cypherpunks||Owned by:||erinn|
|Actual Points:||0.5||Parent ID:|
I have found that the latest Tor Browser Bundle (tor-browser-2.3.25-10_en-US.exe), when installed as instructed, uses a default setting of:
Which can be found by:
opening a tab with "about:config" in Tor Browser
and typing 'scan' in the "Search:" field.
The default setting should be set to false, and all Tor Browser Bundles should ship with this setting:
Anyone who uses Microsoft Security Essentials or another cloud based AV product,
will transmit the filename and hash of <b>EACH</b> downloaded file in the clear to be vacuumed up by the NSA or their own domestic stasi equivalent. If I were a Chinese or Syrian citizen I would soil my pants. (Not that our own governments are better.)
To verify this:
Obtain a windows box which uses MSE (with default settings).
Install the latest Tor Browser Bundle.
Start Wireshark and start capturing traffic.
Start Tor Browser.
Download any file that would trigger MSE, such as
Watch MSE transmitting info (filename & hash) about this file to Microsoft.
Note: You can disable cloud scanning in MSE and other similar products, but this is too much to ask of most users. It is better to avoid this problem completely since we know that NSA has installed backdoors into Microsoft networks.
The drawback is that users are, presumably, slightly less protected from viruses by not scanning files when downloaded. But if the user has any decent AV product and updates the definition files regularly, the file would be scanned when used.
Change History (7)
comment:2 follow-up: ↓ 3 Changed 2 years ago by mikeperry
- Keywords tbb-pref MikePerry201307 added; Tor Browser Bundle removed
- Priority changed from major to critical
comment:5 Changed 2 years ago by mikeperry
- Actual Points set to 0.5
- Resolution set to fixed
- Status changed from new to closed
comment:6 Changed 2 years ago by mikeperry
- Summary changed from Bad default setting in Tor Browser Bundle poses a severe privacy risk. to Disable download manager scanning (reports downloads to cloud for many AV systems)