[Whonix-devel] #20555 [Core Tor/Tor]: stream isolation for DNS and hidden service descriptor cache
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Nov 3 17:02:56 CET 2016
#20555: stream isolation for DNS and hidden service descriptor cache
------------------------------+-----------------
Reporter: adrelanos | Owner:
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Core Tor/Tor | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
------------------------------+-----------------
Seems like Tor's DNS cache ({{{CacheIPv4DNS}}}, {{{CacheIPv6DNS}}}) and
cache of hidden service descriptors are global.

The first connection in stream one resolves all DNS or hidden service
descriptors. But follow-up connections in separate streams to the same
website do not resolve and use Tor's cache.

So webservers could provide a slightly unique version of their website per
visitor. Each visitor's browser could be instructed to load additional
content from varying hostnames. Due to caching vs non-caching it might be
possible to make visitors pseudonymous rather than anonymous.

The problem is that Tor's cache is global and not stream isolated.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20555>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
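
Added example, not part of the original ticket and not Tor's code: a toy Python model of the behaviour the ticket describes, comparing a cache keyed by hostname alone with one keyed by (isolation key, hostname), plus a check that reports answers served from state another stream created. The class, the isolation key labels "A"/"B" and the sample visits are hypothetical and constructed for illustration.

```python
# Toy model only: not Tor's code. Names and sample data are hypothetical.
from dataclasses import dataclass, field

@dataclass
class ResolverCache:
    isolated: bool                      # True: one cache partition per isolation key
    ttl: int = 60                       # seconds a cached answer stays valid
    entries: dict = field(default_factory=dict)
    upstream: list = field(default_factory=list)  # lookups that left the client

    def resolve(self, isolation_key, hostname, now):
        """Return (address, served_from_cache)."""
        key = (isolation_key if self.isolated else None, hostname)
        hit = self.entries.get(key)
        if hit is not None and hit[1] > now:
            return hit[0], True
        address = "192.0.2.1"           # constructed answer (documentation range)
        self.upstream.append((isolation_key, hostname))
        self.entries[key] = (address, now + self.ttl)
        return address, False

def cross_stream_hits(cache, visits):
    """List (isolation_key, hostname) pairs answered from cache although that
    isolation key never performed the lookup itself: shared state."""
    resolved_by = set()
    shared = []
    for isolation_key, hostname, now in visits:
        _, cached = cache.resolve(isolation_key, hostname, now)
        if cached and (isolation_key, hostname) not in resolved_by:
            shared.append((isolation_key, hostname))
        resolved_by.add((isolation_key, hostname))
    return shared

# Constructed visits: (isolation key, hostname, time in seconds)
VISITS = [
    ("A", "a.example", 0),
    ("A", "b.example", 1),
    ("B", "a.example", 5),    # B never resolved this name itself
    ("A", "a.example", 6),    # A's own earlier lookup; not cross-stream
    ("B", "b.example", 100),  # entry expired, so a fresh lookup
]

if __name__ == "__main__":
    for isolated in (False, True):
        cache = ResolverCache(isolated=isolated)
        shared = cross_stream_hits(cache, VISITS)
        print("isolated" if isolated else "global", shared, len(cache.upstream))
```

With the partitioned cache every isolation key performs its own lookup, so the number of upstream lookups rises from 3 to 4 for these visits; that extra resolution is the cost of removing the shared state.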