[tor-bugs] #9195 [Tor bundles/installation]: Bad default setting in Tor Browser Bundle poses a severe privacy risk.

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Jul 2 20:58:23 UTC 2013


#9195: Bad default setting in Tor Browser Bundle poses a severe privacy risk.
--------------------------------------+-------------------------------------
 Reporter:  cypherpunks               |          Owner:  erinn
     Type:  defect                    |         Status:  new  
 Priority:  major                     |      Milestone:       
Component:  Tor bundles/installation  |        Version:       
 Keywords:  Tor Browser Bundle        |         Parent:       
   Points:                            |   Actualpoints:       
--------------------------------------+-------------------------------------
 I have found that the latest Tor Browser Bundle (tor-browser-2.3.25-10_en-
 US.exe), when installed as instructed, uses a default setting of:
 browser.download.manager.scanWhenDone;true

 Which can be found by:
 opening a tab with "about:config" in Tor Browser
 and typing 'scan' in the "Search:" field.

 The default setting should be set to false, and all Tor Browser Bundles
 should ship with this setting:
 browser.download.manager.scanWhenDone;false

 Why?

 Anyone who uses Microsoft Security Essentials or another cloud-based AV
 product
 will transmit the filename and hash of EACH downloaded file in the
 clear to be vacuumed up by the NSA or their own domestic Stasi equivalent.
 If I were a Chinese or Syrian citizen I would soil my pants. (Not that our
 own governments are better.)

 To verify this:
 Obtain a Windows box which uses MSE (with default settings).
 Install Wireshark.
 Install the latest Tor Browser Bundle.
 Start Wireshark and start capturing traffic.
 Start Tor Browser.
 Download any file that would trigger MSE, such as
 https://www.torproject.org/dist/torbrowser/tor-browser-2.3.25-10_en-US.exe
 Watch MSE transmitting info (filename & hash) about this file to
 Microsoft.

 Note: You can disable cloud scanning in MSE and other similar products,
 but this is too much to ask of most users. It is better to avoid this
 problem completely since we know that NSA has installed backdoors into
 Microsoft networks.

 The drawback is that users are, presumably, slightly less protected from
 viruses by not scanning files when downloaded. But if the user has any
 decent AV product and updates the definition files regularly, the file
 would be scanned when used.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9195>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
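
Added example (not part of the ticket or of Tor Project code): a small audit that reads the contents of a browser profile's prefs.js and optional user.js and reports whether browser.download.manager.scanWhenDone is effectively false. The function names, the OK/EXPOSED labels and the sample file contents are constructed for illustration; the shipped default of true is the value the ticket reports.

```python
import re

PREF = "browser.download.manager.scanWhenDone"

# One preference assignment per line, as written in prefs.js / user.js:
#   user_pref("name", value);
PREF_LINE = re.compile(r'^\s*(?:user_)?pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;')


def read_pref(text, name=PREF):
    """Return the last value assigned to `name` in the file text, or None."""
    # Drop /* ... */ block comments; lines starting with // or # never
    # match PREF_LINE, so commented-out assignments are ignored too.
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    value = None
    for line in text.splitlines():
        m = PREF_LINE.match(line)
        if m and m.group(1) == name:
            raw = m.group(2)
            value = {"true": True, "false": False}.get(raw, raw)
    return value  # a later assignment overrides an earlier one


def effective(prefs_js, user_js="", shipped_default=True):
    """user.js wins over prefs.js; if neither sets it, the default applies."""
    for text in (user_js, prefs_js):
        v = read_pref(text)
        if v is not None:
            return v
    return shipped_default  # assumption: default reported in the ticket


def audit(prefs_js, user_js=""):
    """'OK' only when downloads are not handed to the AV scanner on completion."""
    return "OK" if effective(prefs_js, user_js) is False else "EXPOSED"


# Constructed sample profile contents.
SAMPLE_PREFS = '''# Mozilla User Preferences
user_pref("browser.startup.homepage", "about:blank");
// user_pref("browser.download.manager.scanWhenDone", false);
user_pref("browser.download.manager.scanWhenDone", true);
'''
SAMPLE_USER_JS = 'user_pref("browser.download.manager.scanWhenDone", false);\n'

if __name__ == "__main__":
    print("prefs.js only:     ", audit(SAMPLE_PREFS))
    print("prefs.js + user.js:", audit(SAMPLE_PREFS, SAMPLE_USER_JS))
```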

