[tor-bugs] #7179 [EFF-HTTPS Everywhere]: Ths SSL Observatory feature leaks DNS requests without the TBB
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Sun Oct 21 19:05:14 UTC 2012
#7179: Ths SSL Observatory feature leaks DNS requests without the TBB
----------------------------------+-----------------------------------------
Reporter: gk | Owner: pde
Type: defect | Status: new
Priority: critical | Milestone:
Component: EFF-HTTPS Everywhere | Version:
Keywords: | Parent:
Points: | Actualpoints:
----------------------------------+-----------------------------------------
HTTPS-Everywhere is leaking DNS requests no matter whether I use Tor or
not (but note that the TBB is not affected. See below for the reason). All
tests were made in a clean new profile with FF 16.0.1 and HTTPS-E 3.0.2
installed.
The reason is that
Ci.nsIProxyInfo.TRANSPARENT_PROXY_RESOLVES_HOST
is _not_ enough to be sure to not leak DNS requests if you build your
proxy settings manually and using applyFilter(). This is actually a
Mozilla (Necko) bug documented here:
https://bugzilla.mozilla.org/show_bug.cgi?id=536093
The only workaround I am currently aware of is setting
"network.dns.disablePrefetch" to |true|, a thing which is done in the TBB.
Then there are no requests leaking.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7179>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list