[tor-bugs] #25737 [Applications/Tor Browser]: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy?
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Apr 10 15:40:27 UTC 2018
#25737: Tor Browser's update check bypassed Tor once on macos, because of xpcproxy?
--------------------------------------+--------------------------
Reporter: cypherpunks | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------------+--------------------------
Comment (by mcs):
Replying to [comment:10 cypherpunks]:
> Sorry for my delay, I had to ask the network administrator: the logs and
cache contain an entry for `aus1.torproject.org`.
To add to gk's questions: does the presence of `aus1.torproject.org` in
your log mean that something did a DNS lookup on that name? I assume so,
which means the leaked request was an application update request.
There are at least three possible explanations for the request you saw:
1. At some point in the past, the default browser proxy preferences were
modified. Then you started Tor Browser and an application update request
was sent before the settings were reset to the correct values (which
Torbutton does during application startup in conjunction with Tor
Launcher). I think this scenario might occur if transproxy mode was
enabled at some prior time.
2. There is a bug in Torbutton or Tor Launcher which temporarily caused
the wrong proxy settings to be configured. Looking at the code, I do not
see such a bug but it might be there.
3. There is a proxy bypass bug in Tor Browser (and probably Firefox as
well) that is triggered under certain conditions.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25737#comment:16>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list