[tor-bugs] #32637 [Core Tor/Tor]: SocksPort IPv6 flags differs in default config and in Torlauncher prefs, and exits can distinguish them

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Dec 1 07:41:27 UTC 2019


#32637: SocksPort IPv6 flags differs in default config and in Torlauncher prefs,
and exits can distinguish them
-------------------------------------------------+-------------------------
 Reporter:  cypherpunks                          |          Owner:  (none)
     Type:  defect                               |         Status:  new
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  0.4.3.x-final
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  043-should, ipv6, security-low, no-  |  Actual Points:
  backport                                       |
Parent ID:                                       |         Points:  1
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------
Changes (by teor):

 * keywords:   => 043-should, ipv6, security-low, no-backport
 * points:   => 1


Comment:

 This is a low-severity security issue, because it involves one bit of
 information leakage from clients to exits, and the anonymity sets are
 still quite large. (Particularly because every client creates preemptive
 circuits, and many send traffic over those circuits.)

 We should set PreferIPv6 by default in our first 0.4.3 alpha, and expect a
 small amount of breakage:
 * A few tools may use dual-stack DNS, but expect IPv4-only connections. Or
 the IPv6 might be broken at the remote end.
 * IPv6 exits are still rarer than IPv4 exits
 * Tor's retry logic may be able to do better with IPv6-only sites, but
 that risks leaking information about previous exits' responses to the
 client

 We should not backport:
 * Some long-standing IPv6 bugs are only fixed in 0.4.3

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32637#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list