[tor-bugs] #6314 [TorBirdy]: prevent leak via Date header field (local timestamp disclosure)

[Tor Bug Tracker & Wiki]

#6314: prevent leak via Date header field (local timestamp disclosure)
--------------------------+----------------------
     Reporter:  tagnaq    |      Owner:  ioerror
         Type:  defect    |     Status:  new
     Priority:  major     |  Milestone:
    Component:  TorBirdy  |    Version:
   Resolution:            |   Keywords:  SponsorT
Actual Points:            |  Parent ID:  #9131
       Points:            |
--------------------------+----------------------

Comment (by heywoodj123@…):

 I have torbirdy 0.1.2 running on TB 24.1.1 (built from
 http://hg.mozilla.org/releases/mozilla-esr24/rev/73cf17fcf5d5) on OS X
 10.6.8.

 I appreciate the need to avoid leaking location info by masking the local
 timezone, but it appears this build of torbirdy is going too far.
 Specifically, I'm seeing that mailnews.reply_header_authorwrote is getting
 changed from "%s wrote" to "%s", and mailnews.reply_header_ondate is
 getting changed from "On %s" to null.

 What I would expect instead is that the formatting for _ondate is simply
 changed to use UTC rather than local time (perhaps using some other
 preference(s) in addition, or instead) . I see no reason to change
 _authorwrote at all.

 I'm not 100% sure this is due to torbirdy, but from this ticket (and also
 #6315) it seems the most likely culprit. I am not much of a coder, but
 would be happy to test a patched version and report back.

 Thanks for the excellent extension -- I'm finally able to use TB via Tor,
 which I've been wanting to do for a very long time.

 Cheers,

 -H

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6314#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online