[tor-bugs] #20212 [Applications/Tor Browser]: Tor can be forced to open too many circuits by embedding .onion resources
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Mar 20 18:06:37 UTC 2018
#20212: Tor can be forced to open too many circuits by embedding .onion resources
-------------------------------------------------+-------------------------
Reporter: gacar | Owner: tbb-
| team
Type: enhancement | Status: new
Priority: Medium | Milestone: Tor:
| unspecified
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: guard-discovery, | Actual Points:
TorBrowserTeam201803 |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by mcs):
Replying to [comment:8 gk]:
> After some more discussion happened, let's try to fix that on the
browser side (first). mcs/brade: can you look into it?
Yes, we can take a look. It would be helpful to develop a better
understanding of what kind of attack(s) we are trying to prevent. That
might lead to a better design. For example, do we want to limit the rate
at which new circuits can be opened or do we just want to refuse to open
more than N circuits per site? Unfortunately, Kathy and I don't really
know enough about `tor` and the Tor Network to do that kind of analysis,
so hints about what should be done would be greatly appreciated.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20212#comment:12>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list