Skip to content
GitLab
Projects Groups Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • Tor Tor
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 330
    • Issues 330
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 31
    • Merge requests 31
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • The Tor Project
  • Core
  • TorTor
  • Issues
  • #15458
Closed
Open
Issue created Mar 25, 2015 by Mike Perry@mikeperryDeveloper

StrongSocksIsolation option (w/ virtual circuits?)

For tor browser security and usability, it would be nice to have an option that instructs Tor to try harder with SocksIsolation. In particular, if this is set, Tor should not retry any stream requests on new circuits once a circuit is successfully used. This will prevent guard discovery attacks from working against the browser (see legacy/trac#13669 (moved) and https://trac.torproject.org/projects/tor/ticket/7870#comment:18).

Additionally, if this value is set, TrackHostExits should also follow the socks username and password isolation. In other words, Tor should track the exits used by hostnames independently for each socks username+password. This would allow us to re-implement legacy/trac#13766 (moved) and legacy/trac#9442 (moved) using TrackhostExits instead of MaxCircuitDirtiness (which will mean less idle circuits staying open on relays, taking up memory).

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking