[tor-bugs] #15458 [Tor]: Provide StrongSocksIsolation torrc option

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Mar 25 03:41:19 UTC 2015


#15458: Provide StrongSocksIsolation torrc option
-----------------------------------+---------------------
 Reporter:  mikeperry              |          Owner:
     Type:  enhancement            |         Status:  new
 Priority:  normal                 |      Milestone:
Component:  Tor                    |        Version:
 Keywords:  tbb-wants, tor-client  |  Actual Points:
Parent ID:                         |         Points:
-----------------------------------+---------------------
 For tor browser security and usability, it would be nice to have an option
 that instructs Tor to try harder with SocksIsolation. In particular, if
 this is set, Tor should not retry any stream requests on new circuits once
 a circuit is successfully used. This will prevent guard discovery attacks
 from working against the browser (see #13669 and
 https://trac.torproject.org/projects/tor/ticket/7870#comment:18).

 Additionally, if this value is set, TrackHostExits should also follow the
 socks username and password isolation. In other words, Tor should track
 the exits used by hostnames independently for each socks
 username+password. This would allow us to re-implement #13766 and #9442
 using TrackhostExits instead of MaxCircuitDirtiness (which will mean less
 idle circuits staying open on relays, taking up memory).

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15458>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list