[tor-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri May 8 13:28:13 UTC 2020


#24351: Block Global Active Adversary Cloudflare
-------------------------------------------------+-------------------------
 Reporter:  nullius                              |          Owner:
                                                 |  cypherpunks
     Type:  enhancement                          |         Status:
                                                 |  assigned
 Priority:  High                                 |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Major                                |     Resolution:
 Keywords:  security, privacy, anonymity, mitm,  |  Actual Points:
  cloudflare, TorBrowserTeamTriaged              |
Parent ID:  #18361                               |         Points:  1000
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by ϲypherpunks):

 Replying to [comment:181 cypherpunks]:
 > > :179
 > 2 Can you wrap it just like you did it in
 > [https://codeberg.org/crimeflare/cloudflare-tor/ here]? This ticket is
 > becoming way too long.

 Maybe that would be a better option. This Trac isn't for too much
 discussion-related things but the issue itself either. I did not. I'm not
 the maintainer of that git. I have not made a single commit. Need to look
 into how to. But I found this issue as I was looking for a solution, as
 I'm another victim of Cloudflare punishments.



 Replying to [comment:182 cypherpunks]:
 > Yeah, I agree. Let's keep it that way. Let all users join CloudFlare.
 > Fine by me. I have my own firewall anyway.

 How reliable is this? Is there full coverage with only the public
 self-announced IP ranges on their website? Thought about null-routing
 those subnets. Maybe we could use those for the torrc MapAddress setting.
 But it would bypass on SOCKS request by hostname, I believe. For up
 blocking it's fine.

 Another idea is to patch the is_private function to feed it with
 Cloudflare ranges to not allow exiting to them at all. Not only a browser
 extension.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24351#comment:185>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

