[tbb-bugs] #18787 [Tor Browser]: Initialize the SOCKS password to random offset at start
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Apr 11 02:23:09 UTC 2016
#18787: Initialize the SOCKS password to random offset at start
-----------------------------+----------------------
Reporter: cypherpunks | Owner: tbb-team
Type: enhancement | Status: new
Priority: Medium | Milestone:
Component: Tor Browser | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
-----------------------------+----------------------
When Tor Browser starts, the SOCKS password is initialized to 0. Each time
a new circuit is to be used, it is incremented. Unfortunately, if the
browser is restarted, it is reset to 0, and it may cause the browser to
re-use the same circuits. This is obviously bad for likability. A
workaround for this would be to randomize the SOCKS password to a random
offset when Tor Browser starts up, so it is never initialized with a
previously used password and thus previously used circuit.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18787>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list