[tor-talk] Towards a Torbutton for Thunderbird (torbutton-birdy)

Mix+TB Test mix.tb at yandex.com
Mon May 7 09:02:36 UTC 2012


>> DNS and other connections leak during account creation (when Thunderbird
>> is trying to work out how to connect), but after that I can receive
>> (IMAP w/STARTTLS, IMAPS) and send (Submission w/STARTTLS, SMTPS) without
>> seeing any leaks, including no DNS leaks. I can also see the connections
>> showing up in the Vidalia Network Map.
> 
> These issues should be listed in the TODO file - I'm sorry to say that
> Thunderbird and the Mozilla team seems to refuse to Do The Right Thing
> with the account setup wizard. The bugs on this topic are a depressing
> read - it's not really possible to override this and fail closed - which
> seems like an unreasonable stance...

I wonder whether tsocks could be distributed with Thunderbird, and a TBB
style startup used to load the libraries and force Thunderbird through
Tor that way?

> Great. So as it stands, I found the following meta-data in your email
> that may be harmful to your privacy:
> 
> Message-ID: <4FA5D959.4010902 at yandex.com>
> Date: Sun, 06 May 2012 11:52:25 +1000
> 
> Your raw email is impressive in how many systems it seems to touch - it
> routes over Tor through the Noisebridge exit, it traverses some ipv6
> SMTP servers and so on. There's a lot of stuff in there - can you look
> through it and tell me if any of it is harmful to your privacy other
> than the two lines listed above?

I didn't see the Message ID as harmful, but I'm more than happy to be
educated on this front. I do see the timezone leakage as a problem. I've
had a look through Thunderbird's settings and can't see anything to
indicate that this is stored within the settings so I imagine that this
comes from system. If it's controlled through the environment then it
may be able to be set before running, again maybe through a TBB style
startup.

My only other immediate concern is how Thunderbird identifies itself to
the SMTP server during the EHLO. Claws mail provides a dialogue to show
what it's doing, and also allows you to specify what it is that is
reported to the other end. I'm not sure what Thunderbird says, but it's
likely that it is the local hostname.


More information about the tor-talk mailing list