[tbb-bugs] #19850 [Applications/Tor Browser]: Disable Plaintext HTTP Clearnet Connections

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Aug 7 05:12:58 UTC 2016


#19850: Disable Plaintext HTTP Clearnet Connections
------------------------------------------+--------------------------------
     Reporter:  miserlou2                 |      Owner:  tbb-team
         Type:  enhancement               |     Status:  new
     Priority:  High                      |  Milestone:
    Component:  Applications/Tor Browser  |    Version:  Tor: 0.2.8.6
     Severity:  Major                     |   Keywords:  security, https,
Actual Points:                            |  ssl
       Points:                            |  Parent ID:
      Sponsor:                            |   Reviewer:
------------------------------------------+--------------------------------
 I think that the Tor Browser Bundle should aim to disable allowing
 connections to plaintext HTTP websites out of the box by the end of the
 year 2016.

 Content injection into MITM'd clearnet HTTP connections is the number one
 security threat to Tor users. It's incredibly easy to do and I'm certain
 that it happens all the time. (You can reproduce this easily by going to
 http://example.com in the latest TBB. https://example.com is completely
 valid, but the connection to the plaintext version is made).

 Even without direct content injection, it's the obvious weak point in the
 overall privacy that Tor provides for a common TBB user.

 It's 2016 - the vast majority of websites now serve pages over SSL. Thanks
 to projects like Let's Encrypt, it's now completely easy and free to run
 SSL out of the box with any important web server software package -
 there's really no excuse not to be running HTTPS.

 Rather than making this change immediately, we could announce the
 intention to release the change by the end of the year, thereby giving any
 stragglers time to add SSL to their websites. We could look at how
 browsers like Chrome and Firefox degrade deprecated TLS ciphers in
 successive releases as an example - first a visual indication, then a
 confirmation warning, then a total block.

 What do you think?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19850>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
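The staged rollout the ticket proposes (visual indication, then a confirmation warning, then a total block) as a small policy function, written here as an added example; this is not Tor Browser code and the ticket names no implementation. It assumes the stage numbering below and that .onion hosts and loopback addresses fall outside the ticket's "clearnet" scope, since .onion services are authenticated by Tor itself and loopback traffic never leaves the machine; it also produces the HTTPS alternative the browser could offer in place of the plaintext page.

```javascript
// Added example, not Tor Browser code: a staged policy for plaintext clearnet
// HTTP navigations. Stage 1 = visual indication, stage 2 = confirmation warning,
// stage 3 = block. The stage names and the host exemptions below are this
// example's own assumptions, not something the ticket specifies.

const STAGES = { INDICATE: 1, WARN: 2, BLOCK: 3 };

// Hosts treated as outside the "clearnet" scope (assumption): .onion services
// are end-to-end authenticated by Tor, and loopback never leaves the machine.
function isClearnetHost(hostname) {
  const h = hostname.toLowerCase().replace(/\.$/, "");
  if (h.endsWith(".onion")) return false;
  if (h === "localhost" || h.endsWith(".localhost")) return false;
  if (h === "127.0.0.1" || h === "[::1]") return false;
  return true;
}

// Decide what to do with a navigation under a given rollout stage.
// Returns { action, reason, url }; action is "allow", "indicate", "warn" or "block".
function decidePlaintextPolicy(rawUrl, stage) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch (e) {
    // Anything the URL parser rejects is never fetched in the clear.
    return { action: "block", reason: "unparseable URL", url: rawUrl };
  }
  if (url.protocol === "https:") {
    return { action: "allow", reason: "already HTTPS", url: url.href };
  }
  if (url.protocol !== "http:") {
    return { action: "allow", reason: "not a web scheme", url: url.href };
  }
  if (!isClearnetHost(url.hostname)) {
    return { action: "allow", reason: "not a clearnet host", url: url.href };
  }
  // Plaintext clearnet HTTP: this is the case the ticket wants phased out.
  switch (stage) {
    case STAGES.INDICATE:
      return { action: "indicate", reason: "plaintext clearnet HTTP", url: url.href };
    case STAGES.WARN:
      return { action: "warn", reason: "plaintext clearnet HTTP", url: url.href };
    case STAGES.BLOCK:
    default:
      return { action: "block", reason: "plaintext clearnet HTTP", url: url.href };
  }
}

// The HTTPS URL the browser could offer instead of the plaintext page,
// keeping host, path and query; a non-default port is kept as well.
function httpsAlternative(rawUrl) {
  const url = new URL(rawUrl);
  if (url.protocol !== "http:") return url.href;
  url.protocol = "https:";
  return url.href;
}

// Constructed sample navigations, one per stage, to show the decisions.
for (const stage of [STAGES.INDICATE, STAGES.WARN, STAGES.BLOCK]) {
  const d = decidePlaintextPolicy("http://example.com/", stage);
  console.log(`stage ${stage}: ${d.action} (${d.reason}); offer ${httpsAlternative(d.url)}`);
}
```

The `example.com` case from the ticket ends up as `indicate`, `warn` or `block` depending on the stage, while an `https://` URL or a `.onion` host passes straight through, so the policy only bites on the exact class of connection the ticket describes.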