[tor-bugs] #4192 [Tor Browser]: make Tor Browser fail to connect when not launched from Vidalia
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Sat Oct 8 12:51:43 UTC 2011
#4192: make Tor Browser fail to connect when not launched from Vidalia
-------------------------------------------------------+--------------------
Reporter: ioerror | Owner: mikeperry
Type: defect | Status: assigned
Priority: blocker | Milestone:
Component: Tor Browser | Version:
Keywords: security, MikePerryIterationFires20111009 | Parent:
Points: | Actualpoints:
-------------------------------------------------------+--------------------
Comment(by tmpname0901):
I launch the TBB Firefox like this:
export
LD_LIBRARY_PATH=$pathname/Lib:$pathname/App/Firefox:$pathname/App/Firefox/components
$pathname/App/Firefox/firefox-bin -no-remote -profile
$pathname/Data/profile
So, what I'm using from the TBB is Firefox and the profile (including
extensions).
My LAN's server is running a middle node. The traffic from FF simply
joins the flow of packets that is already going through the relay. I've
verified (using iptables logging) that during a surfing session no DNS or
HTTP/HTTPS packets are leaving my local machine. It all goes to the SOCKS
port on the LAN's Tor relay.
With the scheme described above there is only a single threat to privacy:
my LAN's server monitoring traffic between the LAN client and the Tor
relay. As I am the administrator of my LAN's server I am pretty confident
that no snooping is being done. :-)
---------------
$ diff build-scripts/config/no-polipo-4.0.js build-scripts/config/lan-tor-
not-local+vidalia.js
77c77
< user_pref("extensions.torbutton.socks_host", "127.0.0.1");
---
> user_pref("extensions.torbutton.socks_host", "192.168.0.1");
81a82,90
> user_pref("extensions.torbutton.custom.socks_host", "192.168.0.1");
> user_pref("extensions.torbutton.custom.socks_port", 9050);
> user_pref("extensions.torbutton.saved.no_proxies_on", "127.0.0.1");
> user_pref("extensions.torbutton.saved.socks_host", "192.168.0.1");
> user_pref("extensions.torbutton.saved.socks_port", 9050);
> user_pref("extensions.torbutton.saved.socks_remote_dns", true);
> user_pref("extensions.torbutton.saved.type", 1);
> user_pref("extensions.torbutton.settings_method", "custom");
> user_pref("extensions.torbutton.startup", true);
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4192#comment:14>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list