[tor-bugs] #18589 [Applications/Tor Browser]: Tor browser writes SiteSecurityServiceState.txt with usage history

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Mar 26 13:41:44 UTC 2017


#18589: Tor browser writes SiteSecurityServiceState.txt with usage history
--------------------------------------+--------------------------
 Reporter:  cypherpunks               |          Owner:  tbb-team
     Type:  defect                    |         Status:  assigned
 Priority:  High                      |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Major                     |     Resolution:
 Keywords:  tbb-disk-leak             |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------
Changes (by gk):

 * cc: gacar (added)


Comment:

 We might want to look at the amount of sites that provide HSTS/HPKP
 headers while not being on the preload list. If the amount of those sites
 is small (or if the amount of those sites in the top 1,000,000 sites is
 small?) we might want to think about clearing the state after a session as
 well.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18589#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list