Skip to content

GitLab

Trac
Trac

GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

Closed
Opened by cypherpunks@cypherpunks
Report abuse

TBB proxy bypass: Some DNS requests not going through Tor

Observed behaviour:

When visiting certain websites, for example "http://bitcoincharts.com", with JavaScript enabled, a DNS request for the domain is made without going through Tor. This website is the only one I know of there it happens. This is when running the latest Tor Browser Bundle, properly verified against the gpg signature.

Enabling NoScript to block all JavaScript seems to make the DNS request go away. This was verified by restarting Tor and then disabling JavaScript before visiting the site.

Expected behaviour:

No DNS request should be made through the normal internet, everything should go through Tor. The DNS requests leak information of which sites you are browsing in your Tor Browser.

How to reproduce:

  1. Download and verify "tor-browser-gnu-linux-i686-2.2.35-10-dev-en-US.tar.gz"
  2. Start up Wireshark to monitor your network, optionally filtering for "dns"
  3. Unpack Tor and start it by running the "start-tor-browser" script
  4. Once TorBrowser is open, go to "http://bitcoincharts.com/"
  5. See DNS request for "bitcoincharts.com" being logged in Wireshark

System information:

Tor Browser Bundle for 32-bit Linux, version 2.2.35-10 Running on Fedora 16

Other:

This is not the first time some rarely triggered bug in Firefox causes Tor to be bypassed, and certainly will not be the last one. Since these bugs have a very high security impact I propose they are guarded against. How about running Firefox inside some kind of firewall that drops all network packets not going to Tor?

To upload designs, you'll need to enable LFS. More information