Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[hackerone] #492048 - .onion domains leaks #3249

Closed
jumde opened this issue Feb 6, 2019 · 1 comment · Fixed by brave/brave-core#1605
Closed

[hackerone] #492048 - .onion domains leaks #3249

jumde opened this issue Feb 6, 2019 · 1 comment · Fixed by brave/brave-core#1605
Assignees
@diracdeltas
Labels
feature/tor/leakproofing Eliminating unexpected ways that someone using Tor might be unmasked. OS/Windows priority/P2 A bad problem. We might uplift this to the next planned release. QA Pass-Win64 QA/Yes release-notes/include security
Milestone
0.61.x - Release ...

Comments

@jumde
Copy link
Contributor

jumde commented Feb 6, 2019
edited by diracdeltas
Loading

https://hackerone.com/bugs?report_id=492048

Test Plan (windows only):

  • Go to a non-existent site like dklfjdkafjdkafj.com in a regular tab
  • You should see a link that says 'Running Windows Network Diagnostics'
  • Repeat in a private tab; you should not see this link
  • Repeat in a tor tab; you should not see this link
@jumde jumde added the security label Feb 6, 2019
@diracdeltas diracdeltas added feature/tor/leakproofing Eliminating unexpected ways that someone using Tor might be unmasked. priority/P2 A bad problem. We might uplift this to the next planned release. OS/Windows labels Feb 6, 2019
@diracdeltas diracdeltas mentioned this issue Feb 6, 2019
Closed
18 tasks
diracdeltas added a commit to brave/brave-core that referenced this issue Feb 6, 2019
@diracdeltas
Temporarily disable Windows network diagnostic button
2a45a6d 
Quick fix brave/brave-browser#3249;
can revert once
https://bugs.chromium.org/p/chromium/issues/detail?id=929141 is fixed.

Test plan (windows only)
1. Go to a non-existent site like dklfjdkafjdkafj.com
2. You should not see a button that says 'Running Windows Network
   Diagnostics'
diracdeltas added a commit to brave/brave-core that referenced this issue Feb 7, 2019
@diracdeltas
Disable diagnostic DNS probes entirely
03eae69 
These probes should already be disabled by default because
kAlternateErrorPagesEnabled is false by default in Brave.

This patch makes it impossible to enable these probes, since they could
cause Tor leaks.

partial fix brave/brave-browser#3249
@diracdeltas diracdeltas self-assigned this Feb 7, 2019
diracdeltas added a commit to brave/brave-core that referenced this issue Feb 7, 2019
@diracdeltas
Generate patches from Chrome fix for crbug929141
3d6d2f3 
Cherry-pick of
https://chromium.googlesource.com/chromium/src.git/+/e005fff9c838a13ff1402b01617adca691187a6b.
Needed for brave/brave-browser#3249.

Please revert this commit when Brave's chromium src is rebased to
include e005fff9c838a13ff1402b01617adca691187a6b.
diracdeltas added a commit to brave/brave-core that referenced this issue Feb 7, 2019
@diracdeltas
Disable diagnostic DNS probing
34f4db5 
Needed for brave/brave-browser#3249

prefs::kAlternateErrorPagesEnabled defaults to false in brave, so this
should be disabled by default already. This patch disables the
error page DNS probe regardless of prefs because it could potentially
cause leaks in Tor windows.
@diracdeltas diracdeltas mentioned this issue Feb 7, 2019
Merged
18 tasks
diracdeltas added a commit to brave/brave-core that referenced this issue Feb 14, 2019
@diracdeltas
Generate patches from Chrome fix for crbug929141, minus browsertest
a774c56 
Cherry-pick of
https://chromium.googlesource.com/chromium/src.git/+/e005fff9c838a13ff1402b01617adca691187a6b.
Needed for brave/brave-browser#3249.

deleted the browsertest part of this patch as requested by brianj

Please revert this commit when Brave's chromium src is rebased to
include e005fff9c838a13ff1402b01617adca691187a6b. (Expected to be in C74)
diracdeltas added a commit to brave/brave-core that referenced this issue Feb 14, 2019
@diracdeltas
Disable diagnostic DNS probing
e5d9240 
Needed for brave/brave-browser#3249

prefs::kAlternateErrorPagesEnabled defaults to false in brave, so this
should be disabled by default already. This patch disables the
error page DNS probe regardless of prefs because it could potentially
cause leaks in Tor windows.
@diracdeltas diracdeltas mentioned this issue Feb 19, 2019
Merged
18 tasks
@bsclifton bsclifton added this to the 0.61.x - Beta milestone Feb 20, 2019
@btlechowski
Copy link

Verification passed on

Brave 0.61.37 Chromium: 73.0.3683.39 (Official Build) beta (64-bit)
Revision cc53b0e12fcaf42e4bab8d6c23bd4fb7aae99f6c-refs/branch-heads/3683@{#413}
OS Windows 7 Service Pack 1 Build 7601.24312

Used test plan from brave/brave-core#1605

Regular Window
image

Private Window
image

Private Window with Tor
image

Guest Window
image
@jumde confirmed this is expected behavior for Guest Window.

@kjozwiak kjozwiak mentioned this issue Mar 12, 2019
Closed
This was referenced Feb 19, 2021
Merged
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@diracdeltas diracdeltas

Labels
feature/tor/leakproofing Eliminating unexpected ways that someone using Tor might be unmasked. OS/Windows priority/P2 A bad problem. We might uplift this to the next planned release. QA Pass-Win64 QA/Yes release-notes/include security
Projects
None yet
Milestone
0.61.x - Release (Release Channel)
Development

Successfully merging a pull request may close this issue.

Fixes for onion domain leaks brave/brave-core
5 participants
@diracdeltas @jumde @bsclifton @rebron @btlechowski