[tor-bugs] #21011 [Applications/Tor Browser Sandbox]: Disable JavaScript JIT

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Dec 19 21:44:39 UTC 2016


#21011: Disable JavaScript JIT
----------------------------------------------+-------------------------
 Reporter:  cypherpunks                       |          Owner:  yawning
     Type:  enhancement                       |         Status:  new
 Priority:  Medium                            |      Milestone:
Component:  Applications/Tor Browser Sandbox  |        Version:
 Severity:  Normal                            |     Resolution:
 Keywords:  sandbox-security                  |  Actual Points:
Parent ID:                                    |         Points:
 Reviewer:                                    |        Sponsor:
----------------------------------------------+-------------------------

Comment (by gk):

 Replying to [comment:5 yawning]:
 > Ok, the security slider on a fresh install will default to High
 > (d8c9273d27489353a6250a106c34951fc2aa4322).  As far as making more changes
 > to the JIT settings, I'd want the other browser people to weigh in here.

 As a general matter I think we should try to avoid dealing with browser
 related settings outside of the browser itself. For one it makes things
 harder to debug if different pieces of our products are taking care
 of the same settings and we open up the whole system to subtle bugs that
 might lie in Mozilla's code (they might never have tested whether the
 parts we use play together nicely). Plus this mixing of responsibilities
 has the tendency to make the whole system harder to analyze.

 For now, having the slider set to "High" in the alpha Tor Browser sandbox
 is okay with me but we should think harder about that if we envision a
 future (as I do) where we only ship Tor Browser in the sandbox to our
 users. Maybe that's some kind of crazy Utopia but I want to see all users
 benefiting from the security guarantees the sandbox provides. And
 currently it seems to me we would drive quite a chunk of them away with
 that move. A lot of the web is broken in that mode (alas) and users will
 not blame Facebook or whomever for that but Tor Browser and choose a
 different (albeit less secure by default) product.

 Regarding messing with the JIT preferences: what I said above in the first
 paragraph applies here as well + I feel we need to be careful to not
 introduce ways to fingerprint users of the Tor Browser sandbox that way. I
 am not sure whether flipping those prefs would already be bad. But I
 could imagine that some timing measurements might be able to reveal them,
 in combination with all the other prefs set on your particular slider
 mode. (Sure, if you have set your slider level to "High" this would be
 moot but then flipping those prefs in the first place would be
 superfluous as well.)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21011#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

