[tbb-dev] Updating TB and Orfox for Meltdown and Spectre?

teor teor2345 at gmail.com
Sun Jan 7 00:26:12 UTC 2018



> On 7 Jan 2018, at 11:03, Nathan Freitas <nathan at freitas.net> wrote:
> 
> Not sure if there is an open ticket I should be monitoring, or a meeting
> I missed, but just saw the Firefox update to address Meltdown and Spectre:
> https://www.mozilla.org/en-US/firefox/57.0.4/releasenotes/
> 
> Are Tor Browser and Orfox vulnerable to these attacks? Has this been
> covered somewhere else?
> 
> Thanks, and just figuring out if my week ahead is going to be spent on
> an urgent Orfox release or not!

Someone will need to confirm my analysis here:

Here's the security advisory link:

https://www.mozilla.org/en-US/security/advisories/mfsa2018-01/

The relevant section is:

Since this new class of attacks involves measuring precise time intervals, as a partial, short-term, mitigation we are disabling or reducing the precision of several time sources in Firefox. The precision of performance.now() has been reduced from 5μs to 20μs, and the SharedArrayBuffer feature has been disabled because it can be used to construct a high-resolution timer.

SharedArrayBuffer is already disabled in Firefox 52 ESR.

The two relevant features are:

SharedArrayBuffer:

TBB 7.0 is based on Firefox 52 ESR.
Does TBB also disable SharedArrayBuffer?

Is Orfox based on Firefox 52 ESR?
Does Orfox also disable SharedArrayBuffer?

performance.now():

TBB 7.0 reduces performance.now() to 100ms.
https://trac.torproject.org/projects/tor/ticket/1517
https://trac.torproject.org/projects/tor/ticket/16340

But there are other sources of high-resolution timers that Mozilla hasn't covered:
(Maybe someone should let them know?)
https://trac.torproject.org/projects/tor/ticket/16110
https://trac.torproject.org/projects/tor/ticket/17412
https://trac.torproject.org/projects/tor/ticket/21010

Should TBB or Orfox apply some of these fixes?

Does Orfox reduce the precision of performance.now()?

T

--
Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n
xmpp: teor at torproject dot org
------------------------------------------------------------------------
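
Added example, not part of the original message and not Tor Browser or Orfox code: a JavaScript check for the two questions raised above, whether SharedArrayBuffer is exposed and what step size performance.now() actually shows. The function names, the env parameter and the simulated clocks are assumptions constructed for illustration.

```javascript
// Constructed clock for offline runs: time advances tickUs per call and
// readings are rounded down to a multiple of stepUs, returned in ms.
function quantizedClock(stepUs, tickUs) {
  let t = 0;
  return () => { t += tickUs; return Math.floor(t / stepUs) * stepUs / 1000; };
}

// Smallest non-zero step between consecutive readings, in microseconds.
// The real granularity can be finer if one now() call outlasts a clock step.
function observedStepUs(now, wantedSteps = 20, maxReads = 1e7) {
  let prev = now(), min = Infinity, steps = 0;
  for (let i = 0; i < maxReads && steps < wantedSteps; i++) {
    const t = now();
    if (t > prev) { min = Math.min(min, t - prev); steps++; }
    prev = t;
  }
  return steps ? Math.round(min * 1000) : null; // null: clock never advanced
}

// Thresholds quoted in the message above.
const FIREFOX_57_0_4_US = 20;   // performance.now() after MFSA 2018-01
const TBB_7_0_US = 100000;      // 100ms in TBB 7.0

// env is a window-like object (hypothetical parameter name).
function timerReport(env) {
  const stepUs = observedStepUs(() => env.performance.now());
  return {
    sharedArrayBufferExposed: typeof env.SharedArrayBuffer !== 'undefined',
    stepUs,
    atLeastFirefox: stepUs !== null && stepUs >= FIREFOX_57_0_4_US,
    atLeastTorBrowser: stepUs !== null && stepUs >= TBB_7_0_US,
  };
}

// In a browser console: timerReport(window). Offline, with constructed clocks:
console.log(timerReport({ performance: { now: quantizedClock(20, 1) } }));
console.log(timerReport({ performance: { now: quantizedClock(100000, 1000) } }));
```
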


