[tor-bugs] #8742 [Tor]: Byte history leaks information about local usage/hidden services
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Mar 19 15:45:37 UTC 2015
- Previous message: [tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #2665, #2667, #4581, #5462, #6676, #7173, #8106, #8240, #8742, #9001, #9476, #10416, #11480, #12424, #12450, #12595, #12877, #15254, #15272, #2325, #2668, #2715, #2983, #3029, #3259, #3522, #3569, #4130, #4698, #4862, #5940, #6087, #6089, #6313, #6418, #6623, #6837, #7144, #7201, #7480, #8239, #8243, #8244, #8782, #8902, #8948, #9241, #9662, #9664, #9719, #9775, #10168, #10186, #10817, #10837, #10957, #11146, #11151, #11327, #11328, #11444, #11458, #11659, #11973, #12220, #12377, #12456, #12466, #12500, #12541, #12748, #12890, #12891, #12892, #13061, #13112, #13202, #13206, #13207, #13208, #13209, #13258, #13415, #13494, #13540, #13603, #13605, #13703, #13737, #13738, #13752, #13753, #13755, #13802, #13804, #13815, #13816, #13817, #13828, #13966, #13968, #13973, #13977, #13989, #14137, #14150, #14165, #14182, #14186, #14223, #14267, #14312, #14354, #14556, #14579, #14581, #14683, #14715, #14763, #14788, #14799, #14821, #14827, #14828, #14846, #14882, #14905, #14917, #14921, #14957, #14999, #15015, #15017, #15019, #15043, #15054, #15055, #15056, #15057, #15058, #15059, #15060, #15061, #15062, #15087, #15186, #15190, #15195, #15214, #15221, #15230, #15232, #15233, #15234, #15235, #15236, #15237, #15255, #15358, #3523, #4378, #4699, #6419, #7532, #8786, #11145, #11624, #13361, #13621, #14164, #14197, #14742, #15157, #12970, #13593, #15333
- Next message: [tor-bugs] #15376 [Ooni]: Internationalised domain support in ooniprobe
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
#8742: Byte history leaks information about local usage/hidden services
-------------------------+-------------------------------------------------
Reporter: | Owner:
alphawolf | Status: assigned
Type: defect | Milestone: Tor: 0.2.7.x-final
Priority: major | Version: Tor: 0.2.4.12-alpha
Component: Tor | Keywords: byte-history stats tor-hs privacy
Resolution: | tor-relay 026-triaged-1
Actual Points: | Parent ID:
Points: |
-------------------------+-------------------------------------------------
Comment (by asn):
Replying to [comment:9 cypherpunks]:
> I've got the warning
>
> `Tor is currently configured as a relay and a hidden service. That's not
very secure: you should probably run your hidden service in a separate Tor
process, at least -- see https://trac.torproject.org/8742`
>
> while I'm running a hidden service ''and'' a bridge. Looks like a bug to
me, since by bandwidth graphs are not public, thus not leaking anything
useful.
Bridge descriptors and extrainfos get published as well. There is a
sanitization procedure which does not clean up the bandwidth info:
https://collector.torproject.org/formats.html#bridge-descriptors
In any case, this warning message seems well placed. Maybe we should turn
it into a REJECT or that's a bit too harsh? Maybe we should phrase it
better if we can?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8742#comment:12>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
- Previous message: [tor-bugs] [Tor Bug Tracker & Wiki] Batch modify: #2665, #2667, #4581, #5462, #6676, #7173, #8106, #8240, #8742, #9001, #9476, #10416, #11480, #12424, #12450, #12595, #12877, #15254, #15272, #2325, #2668, #2715, #2983, #3029, #3259, #3522, #3569, #4130, #4698, #4862, #5940, #6087, #6089, #6313, #6418, #6623, #6837, #7144, #7201, #7480, #8239, #8243, #8244, #8782, #8902, #8948, #9241, #9662, #9664, #9719, #9775, #10168, #10186, #10817, #10837, #10957, #11146, #11151, #11327, #11328, #11444, #11458, #11659, #11973, #12220, #12377, #12456, #12466, #12500, #12541, #12748, #12890, #12891, #12892, #13061, #13112, #13202, #13206, #13207, #13208, #13209, #13258, #13415, #13494, #13540, #13603, #13605, #13703, #13737, #13738, #13752, #13753, #13755, #13802, #13804, #13815, #13816, #13817, #13828, #13966, #13968, #13973, #13977, #13989, #14137, #14150, #14165, #14182, #14186, #14223, #14267, #14312, #14354, #14556, #14579, #14581, #14683, #14715, #14763, #14788, #14799, #14821, #14827, #14828, #14846, #14882, #14905, #14917, #14921, #14957, #14999, #15015, #15017, #15019, #15043, #15054, #15055, #15056, #15057, #15058, #15059, #15060, #15061, #15062, #15087, #15186, #15190, #15195, #15214, #15221, #15230, #15232, #15233, #15234, #15235, #15236, #15237, #15255, #15358, #3523, #4378, #4699, #6419, #7532, #8786, #11145, #11624, #13361, #13621, #14164, #14197, #14742, #15157, #12970, #13593, #15333
- Next message: [tor-bugs] #15376 [Ooni]: Internationalised domain support in ooniprobe
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the tor-bugs
mailing list