[tbb-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Mar 1 11:35:41 UTC 2016

#18361: Issues with corporate censorship and mass surveillance
 Reporter:  ioerror                       |          Owner:  tbb-team
     Type:  enhancement                   |         Status:  new
 Priority:  High                          |      Milestone:
Component:  Tor Browser                   |        Version:
 Severity:  Critical                      |     Resolution:
 Keywords:  security, privacy, anonymity  |  Actual Points:
Parent ID:                                |         Points:
  Sponsor:                                |

Comment (by jgrahamc):

 Replying to [comment:184 cypherpunks]:
 > Replying to [comment:182 jgrahamc]:
 > > I'm not sure how you come up with the 5% number but I think you
 underestimate how complicated deciding what R/O is in the web. Plenty of
 attacks come through GET requests. Doing the R/O mode seems like a nasty
 > To me R/O would be delivering the cache that you have. The request would
 never see the actual website. This would also discourage adversaries that
 repeatedly pull websites to have an automated advantage at idk ticket
 sales as the cache does not have to be the most recent.

 There are a lot of assumptions here. For example, this assumes that we
 have all the pages in cache and all the assets. It assumes that web pages
 can be displayed without any POSTs happening (so nothing dynamic at all).

 In addition it ignores what happens if a Tor user comes to CloudFlare and
 we don't have the item in cache, or the item is outdated.

 This idea just kicks the ball down the line. The right solution is to
 allow Tor users who are not behaving in a malicious manner 'normal' access
 to the web.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18361#comment:185>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list