[tbb-bugs] #16926 [Tor Browser]: Multiple OS: Tor Browser leaks domains to system DNS management.
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Sep 6 03:49:30 UTC 2015
#16926: Multiple OS: Tor Browser leaks domains to system DNS management.
-------------------------------+------------------------------
Reporter: DrMikeTwiddle | Owner: tbb-team
Type: defect | Status: new
Priority: critical | Milestone:
Component: Tor Browser | Version: Tor: unspecified
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
-------------------------------+------------------------------
Comment (by DrMikeTwiddle):
@teor, thanks for the clarification.
I guess I can't use Tor on OS X anymore at least where anonymity is
needed.
Now I couldn't repeat the event. But one assumes if a tor-only-visited
address is present in mDNSResponder's dump the system has indeed done a
DNS look up outside of Tor. If there is something non-Tor on my system
that has made this happen, just once, I would have no idea what it is.
Perhaps I could run a giant traffic capture for a week to see if some
process can be pushed into looking up a URL that I didn't expect, but my
feeling at the moment is nothing will be found. Hours-long tests so far
have all come up with nothing since the leak.
There is one other option here: that is either the site concerned or the
exit node at the time were running some zero-day exploit that didn't
involve javascript. It seems unlikely, but that's the only other option
and might explain why I couldn't repeat it.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16926#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list