Think about using DNS over HTTPS for Tor Browser

Right now we do not have DNS over HTTPS (DoH) enabled in Tor Browser, but we should think about whether we should do that. https://hacks.mozilla.org/2018/05/a-cartoon-intro-to-dns-over-https/ has some good illustrations of this feature.

Some pros

  • it cuts out some potential for messing with DNS queries
  • it should help mitigate the DNS proxy leak threat inherent to using a SOCKS proxy
  • it might help with the attacks mentioned in "The Effect of DNS on Tor's Anonymity" (https://nymity.ch/tor-dns/tor-dns.pdf) ...

Some cons

  • it adds a central party seeing all Tor Browser users' DNS requests (even though a lot of DNS queries (about 40%) go to Google already according to the above-mentioned paper, that's not 100%)
  • it might add latency
  • First Party Isolation of the requests and the cache might need to get added ...
Edited by Matthew Finkel