On 3/27/12 12:09 PM, Robert Ransom wrote:
It's not a typo. Those BridgeFinderHelpers MUST NOT be installed unless the user has explicitly permitted that they be installed. Even if the user has explicitly permitted that a BridgeFinderHelper be installed and write data to disk, it SHOULD NOT write data to disk if that is not absolutely necessary.
It arise to my mind the idea discussed to provide a Tor HS Data support with some specific level of protection in the hands of the Tor operator:
http://www.mail-archive.com/tor-dev@lists.torproject.org/msg00855.html
It was an idea to protect Tor HS but it may be extended as a general concept for *ALL* tor related data.
Fitting everything into sqlite database protected with sqlcipher (or other methods) that ask the user for a password, would probably mitigate this issue and a lot of other ones that are under the hood.
-naif