[tbb-bugs] #26586 [Applications/Tor Browser]: Enumerate background connections that Tor Browser makes on its catch-all circuit

Tor Bug Tracker & Wiki blackhole at torproject.org
Sat Jun 30 19:10:25 UTC 2018

#26586: Enumerate background connections that Tor Browser makes on its catch-all
     Reporter:  arma                      |      Owner:  tbb-team
         Type:  task                      |     Status:  new
     Priority:  Medium                    |  Milestone:
    Component:  Applications/Tor Browser  |    Version:
     Severity:  Normal                    |   Keywords:
Actual Points:                            |  Parent ID:
       Points:                            |   Reviewer:
      Sponsor:                            |
 I know that Tor Browser makes connections over the Tor network when I
 click on a page. But what does it load on its own, in the background? And
 on what time schedules?

 I have three goals with asking:

 * Is my Tor Browser doing something in the background that is dangerous
 for my anonymity? An example here would be an ssl transparency design that
 uploads summary information about the ssl certs I've seen lately.

 * These background connections use the catch-all circuit, so they are
 isolated from the content that I intentionally load, but they are lumped
 into the same circuit with each other. Are there anonymity implications
 with combining any of these background connections together on the same

 * The Tor client has a bunch of logic to start saving bandwidth if you
 don't use it for a long while, but each of these background connections
 counts as "use", so the Tor client in a Tor Browser never does any of its
 bandwidth-saving measures. I wonder if there's some design where we stop
 doing the background things that don't need to be done, once the rest of
 Tor Browser has been idle for a while, or we give some way to tell the Tor
 client that those don't "really" count as use, or what. Maybe this idea
 will be too complicated to do, but the first step is understanding what
 connections we are receiving and why.

 GeKo points out that tjr made a start at this list for an earlier esr:
 and he also suggested that having this list documented (and thus I guess
 "kept up to date" too) in the "hacking" document would be a good move.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26586>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list