[tor-talk] Request: would someone create a tutorial on how to examine an app for leaks?
adrelanos
adrelanos at riseup.net
Fri Oct 5 16:27:09 UTC 2012
antispam06 at sent.at:
> This is a request. Would someone be so kind as to add a tutorial, in
> fact, several tutorials for how to test/see if an app is Tor ready?
>
> Cheers!
> _______________________________________________
> tor-talk mailing list
> tor-talk at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
The official bug tracker is better for requests. I've submitted such a
request a while ago. [1] [2] [3] Nothing wrong repeating this one the
mailing list, maybe more people read it so we get more input.
Right now, even if the upstream developer(s) were willing to to research
the question if their application is Tor-safe, they wouldn't have a
guide what they should look for. Ok, all traffic through socks5 proxy;
remote DNS; don't transfer IP inside the protocol... But what about do
not transmit the users time zone, users clock, users fonts, operating
system's account name, kernel version, application version, etc.
[1]
https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO#Howtoreviewanapplication
[2] https://lists.torproject.org/pipermail/tor-talk/2012-April/024010.html
[3] https://trac.torproject.org/projects/tor/ticket/5553
More information about the tor-talk
mailing list