[tor-bugs] #5761 [TorBrowserButton]: Decide if it's safe to pass the Dooble around the Tor Community
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Sat May 5 23:50:26 UTC 2012
#5761: Decide if it's safe to pass the Dooble around the Tor Community
---------------------------------+------------------------------------------
Reporter: mike123 | Owner: mike123
Type: enhancement | Status: reopened
Priority: normal | Milestone:
Component: TorBrowserButton | Version:
Resolution: | Keywords:
Parent: | Points:
Actualpoints: |
---------------------------------+------------------------------------------
Comment(by textbrowser):
OK, the middleman has left the building. Some answers in some order.
Multiple passphrases? Not in Dooble. If the current passphrase is
replaced, existing data is either re-encoded or discarded. It's
theoretically possible to produce equal hashes from varying content, but
you already know that. It's possible that during data purging, temporary
information is left unattended. Completely acceptable. Suggestion noted.
That's fine. Noted.
Indeed, Dooble does use repetitive vectors. The cookie manager is not
designed around encryption.
Known. Hashes are used throughout for locating entries. Lots of places use
hashes, lots. A better approach is to assign OIDs, but that desire has not
been implemented.
Again, I know there are two possible outcomes.
Dooble has one developer, one. It is an evolving project.
These design flaws, as you call them, have elegant solutions.
Regarding the impressive critique, I was being just as sarcastic as some
previous commentator. People will use Dooble with or without Tor and it,
Dooble, does not require Tor's blessing. Dooble is a whole lot of love.
Offer suggestions, but PLEASE leave Dooble out of this community.
Thanks.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5761#comment:29>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list