[tbb-bugs] #14260 [Tor Browser]: DNS leak on OS X 10.9 Mavericks when using "nettop" and Tor Browser

Tor Bug Tracker & Wiki blackhole at torproject.org
Sat Jan 17 17:18:28 UTC 2015 

#14260: DNS leak on OS X 10.9 Mavericks when using "nettop" and Tor Browser
-------------------------------------------------+-------------------------
 Reporter:  glampop                              |          Owner:  tbb-
     Type:  defect                               |  team
 Priority:  normal                               |         Status:  new
Component:  Tor Browser                          |      Milestone:
 Keywords:  nettop, DNS leak, OS X, Tor Browser  |        Version:
Parent ID:                                       |  Actual Points:
                                                 |         Points:
-------------------------------------------------+-------------------------
 I'm not a developer. So please bear with me. I have noticed that when I
 run nettop on OS X while using Tor Browser DNS leaks appear in a DNS log.
 I have seen bridges IP addresses being leaked (I use obfs3 bridges).

 I can't confirm if other IP address from the tor system are leaked.

 -------------

 Details
 =======
 I use DNSCrypt-osxclient.[1][2] I have set it to log my DNS requests. I
 can see a live list of DNS requests in Console (OS X's log viewing app.)

 Sometimes I run "nettop" an OS X command line tool that lists what apps
 are connecting to the net.[3]

 Recently I noticed that nettop causes at least some of Tor Browser IPs to
 be leaked through to the "regular" system DNS process (DNS Crypt.)

 Without nettop running not Tor Browser's related IPs to appear in
 DNSCrypt's live log.


 I don't know if this is serious or not but I thought it was worth letting
 you know. I know most users won't be running nettop but some power users
 might and without a live log of the DNS request this would go unnoticed.


 Apps
 ====
 OS X 10.9.5 Mavericks
 Tor Browser 4.0.3
 Regular Terminal app from OS X 10.9.5
 Regular nettop tool from OS X 10.9.5
 DNSCrypt-osxclient 1.0.5



 Refs
 ====
 [1] https://github.com/alterstep/dnscrypt-osxclient/
 [2] https://github.com/alterstep/dnscrypt-
 osxclient/releases/download/1.0.5/dnscrypt-osxclient-1.0.5.dmg
 [3]
 https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man1/nettop.1.html

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/14260>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list