[tbb-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Feb 23 13:11:37 UTC 2016

#18361: Issues with corporate censorship and mass surveillance
 Reporter:  ioerror                       |          Owner:  tbb-team
     Type:  enhancement                   |         Status:  new
 Priority:  High                          |      Milestone:
Component:  Tor Browser                   |        Version:
 Severity:  Critical                      |     Resolution:
 Keywords:  security, privacy, anonymity  |  Actual Points:
Parent ID:                                |         Points:
  Sponsor:                                |

Comment (by ioerror):

 Replying to [comment:82 jgrahamc]:
 > To summarize:
 > 0. We fixed the bug that caused a new CAPTCHA to be served for a site
 when the circuit changes.

 Doesn't this mean that you've now got cross circuit tracking for Tor
 Browser users, effectively? I assume that is by issuing a cookie that
 isn't tied to a given IP address - though again without any transparency,
 I feel like it is unclear what was actually done in any technical sense.

 > 1. We'll roll out the ability for any CloudFlare web site to whitelist
 Tor so that Tor users will not see CAPTCHAs within days.

 It seems reasonable to thank you for this option, though I admit, I'm
 actually quite displeased with it personally. You've chosen to frame this
 as a positive thing when in fact, you're allowing a few people to jump
 through hoops while keeping the vast majority of the web censored by
 default. It would be possible to serve up an Always Online version with no
 captcha as the default behavior as a very reasonable middle ground. The
 default will not change and so, there is no change to the status quo.

 This as a default means that by default CF will continue their censorship
 of Tor users who wish to read websites.

 I urge you to reconsider this while your points 2 and 3 are outstanding.

 > 2. We've reproduced the "CAPTCHA loop" problem and have an engineer
 looking into what's happening.

 Is there a timeline for this? Will they report back on this bug?

 > 3. We are in contact with Google to see if they can help us with number

 Does this indeed mean that Google, because of actions by CF, has data on
 every person prompted for a CAPTCHA?

 > 4. I've asked our head of Infosec to look into an alternative CAPTCHA
 provider. We had already done this in the past and concluded that
 switching to the latest reCAPTCHA was going to be 'better'. It looks like
 it has not made things better.

 Any American third party presents similar problems as Google. On the one
 hand, they are a PRISM provider. On the other, they probably have the best
 security team in the world. Why aren't you guys just hosting your own
 CAPTCHA solution or proxying it to Google in such a way that Google gets
 nothing directly from your users?

 I hope that I'm reading you wrong but it also seems like you're concluding
 your engagement here. I'd like to encourage you to keep engaging here -
 there are many outstanding questions for CloudFlare that you (or others at
 CF) haven't answered which help us to understand the shape of the current
 and future situation.

 The above four points as well as a near total dismissal of all other
 questions, could be summed up as confirming a critical multi-month long
 bug with a vague promise that you guys will look into it. I really hope
 that this isn't the case - especially considering the other questions and
 the other options discussed here.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18361#comment:91>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list