[tor-bugs] #7085 [Tor bundles/installation]: Integrate Cryptocat Browser Extension into Tor Browser Bundle

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Nov 22 20:39:00 UTC 2012


#7085: Integrate Cryptocat Browser Extension into Tor Browser Bundle
--------------------------------------+-------------------------------------
 Reporter:  kaepora                   |          Owner:  erinn                        
     Type:  enhancement               |         Status:  new                          
 Priority:  normal                    |      Milestone:  TorBrowserBundle 2.2.x-stable
Component:  Tor bundles/installation  |        Version:  Tor: unspecified             
 Keywords:                            |         Parent:                               
   Points:                            |   Actualpoints:                               
--------------------------------------+-------------------------------------

Comment(by mikeperry):

 kaepora: Is there a tag in your bugtracker so we can look over the bugs
 found as a result of the audit?

 Also, if NSS is only used as a source of random bytes, you should consider
 using https://developer.mozilla.org/en-
 US/docs/XPCOM_Interface_Reference/nsIRandomGenerator. It uses NSS's PRNG
 underneath. The reason to avoid jsctypes is because it increases the
 vulnerability surface for sandboxed TBBs. We're pondering removing it if
 we ever get a working sandbox (see #6152).

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7085#comment:19>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list