[tbb-bugs] #19932 [Applications/Tor Browser]: 30MB of duplicated data in profile directory, httpseverywhere gone wild

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Aug 18 00:12:59 UTC 2016 

#19932: 30MB of duplicated data in profile directory, httpseverywhere gone wild
------------------------------------------+----------------------
     Reporter:  cypherpunks               |      Owner:  tbb-team
         Type:  defect                    |     Status:  new
     Priority:  Medium                    |  Milestone:
    Component:  Applications/Tor Browser  |    Version:
     Severity:  Normal                    |   Keywords:
Actual Points:                            |  Parent ID:
       Points:                            |   Reviewer:
      Sponsor:                            |
------------------------------------------+----------------------
 TOR DEVS: please ignore the jakegate conspiracy stuff below and just tell
 us: is tor browser doing something different now, as is alleged below?

 below is copy+pasted from rixstep.com/2/2/20160817,00.shtml

 Not that there's necessarily any connection to Jakegate (it can't be ruled
 out either) but the latest updates of Tor have been a frightening mess.
 Why does Tor suddenly dump over 30 megabloats of steaming faeces onto a
 file system on exit?

 Picking a side in Jakegate isn't relevant. For those using Tor (it should
 be more all the time) the main concern is the health of the project. Given
 what some brave people are now saying, Tor went through an internal
 'coup'.

 They say Jake wasn't so much a key programmer as a key spokesman. So his
 leaving the project shouldn't affect the quality of the project. But
 pushing Jake out seems to have been part of a larger process, with a whole
 new regime now in place and the 'old guard' being systematically
 eliminated.

 This is where the regime change comes into focus: Tor is a privacy tool;
 that privacy must extend beyond anonymous surfing to not leaving reams of
 potentially compromising junk in a file system. Resident spy tools can
 easily scan this flotsam and potentially cull private information. If Tor
 never needed do this before, then why now the sudden change?

 Most of the junk left behind comes from an EFF extension, but this
 extension has been used all along, and it serves no purpose to copy the
 data out to yet another location. If this is caused by an error at EFF,
 why hasn't this been corrected?

 And it's not only EFF data dumped on disk. The depository itself is fully
 new and it dates to after Jakegate.

 Happenstance, coincidence, enemy action? Right now Tor is crap and getting
 downright scary.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19932>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list