Skip to content

Audit path from browser making URL requests down to contacting SOCKS proxy #4255

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
riastradh-brave opened this issue Apr 26, 2019 · 0 comments
Open

Audit path from browser making URL requests down to contacting SOCKS proxy #4255

riastradh-brave opened this issue Apr 26, 2019 · 0 comments
Labels
feature/tor/leakproofing Eliminating unexpected ways that someone using Tor might be unmasked. feature/tor

Comments

@riastradh-brave
Copy link
Contributor

We need to make sure that all paths from making a URL request in browser-laptop down to the actual network activity leads only to network activity with the configured proxy, at least for Tor sessions. For example, when a SOCKS5 proxy is configured, there should be no DNS requests (see, e.g., brave/muon#164). This is not trivial because there are many such paths!

Further, we should have a practice in place to make sure the audit happens again any time it would be invalidated, e.g. when we update Chromium.

[transcribed from https://github.com/brave/muon/issues/465]
@riastradh-brave riastradh-brave added the feature/tor/leakproofing Eliminating unexpected ways that someone using Tor might be unmasked. label Apr 26, 2019
This was referenced Apr 26, 2019
Open
Open
@btlechowski btlechowski mentioned this issue May 7, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature/tor/leakproofing Eliminating unexpected ways that someone using Tor might be unmasked. feature/tor
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@riastradh-brave