[tor-bugs] #30800 [Applications/Tor Browser]: ftp:// on Windows can be used to leak the system time zone

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Jul 3 11:57:57 UTC 2019


#30800: ftp:// on Windows can be used to leak the system time zone
-------------------------------------------------+-------------------------
 Reporter:  gk                                   |          Owner:  tbb-
                                                 |  team
     Type:  defect                               |         Status:
                                                 |  needs_review
 Priority:  High                                 |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tbb-fingerprinting,                  |  Actual Points:
  TorBrowserTeam201907R, GeorgKoppen201907       |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------
Changes (by gk):

 * keywords:  tbb-fingerprinting => tbb-fingerprinting,
     TorBrowserTeam201907R, GeorgKoppen201907
 * status:  new => needs_review


Comment:

 `bug_30800` (https://gitweb.torproject.org/user/gk/tor-
 browser.git/commit/?h=bug_30800&id=b21da86362c76a231901e6733adee7512579ff06)
 has the backport to esr60 of Gary's patch. It fixes the problem for me,
 nice work! I am still not sure about why only Windows is affected to begin
 with, though, but did not dig deeper into the code yet.

 I guess we could try to test what we have in the alpha, provided the patch
 looks good to us?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30800#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list