TBB proxy bypass: Some DNS requests not going through Tor
No DNS request should be made through the normal internet, everything should go through Tor. The DNS requests leak information of which sites you are browsing in your Tor Browser.
How to reproduce:
- Download and verify "tor-browser-gnu-linux-i686-2.2.35-10-dev-en-US.tar.gz"
- Start up Wireshark to monitor your network, optionally filtering for "dns"
- Unpack Tor and start it by running the "start-tor-browser" script
- Once TorBrowser is open, go to "http://bitcoincharts.com/"
- See DNS request for "bitcoincharts.com" being logged in Wireshark
Tor Browser Bundle for 32-bit Linux, version 2.2.35-10 Running on Fedora 16
This is not the first time some rarely triggered bug in Firefox causes Tor to be bypassed, and certainly will not be the last one. Since these bugs have a very high security impact I propose they are guarded against. How about running Firefox inside some kind of firewall that drops all network packets not going to Tor?