[tor-bugs] #21863 [Applications/Tor Browser]: Ensure proxy safety on Android
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Jul 13 02:23:43 UTC 2018
#21863: Ensure proxy safety on Android
-------------------------------------------------+-------------------------
Reporter: gk | Owner: sysrqb
Type: defect | Status:
| accepted
Priority: Very High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: tbb-mobile, tbb-7.0-must, tbb- | Actual Points:
proxy-bypass, TorBrowserTeam201807 |
Parent ID: #26531 | Points:
Reviewer: | Sponsor:
| Sponsor4
-------------------------------------------------+-------------------------
Comment (by sysrqb):
Replying to [comment:28 n8fr8]:
> I thought @amoghbl had found and patched all of these cases. We
definitely focused on checking for DNS leaks in the past, using a variety
of web based DNS leak test tools.
>
> The goal has been to directly proxy everything using HTTP and SOCKs, and
not rely on the Android OS proxy subsystems at all, since they are not
reliable, especially on WAN networks.
>
> This is also all related to the fact that there are 3 different HTTP
packages in use within Fennec, making standardized proxying hard.
I agree. There were a lot of conflicts when I was applying the proxy-safe
Orfox patches, so I did a lot of patching by hand. I wanted to be sure we
didn't miss any new instances of proxy-bypass, so auditing the current
code seemed like a good idea.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21863#comment:31>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list