
Wayback machine feature should be disabled in Tor windows or use Tor #8419

Closed
diracdeltas opened this issue Feb 26, 2020 · 1 comment · Fixed by brave/brave-core#4763
Labels: feature/tor/leakproofing (Eliminating unexpected ways that someone using Tor might be unmasked), priority/P2 (A bad problem. We might uplift this to the next planned release), privacy, QA Pass-Linux, QA Pass-macOS, QA Pass-Win64, QA/Yes, release-notes/include, sec-high, security

Comments

@diracdeltas
Member

diracdeltas commented Feb 26, 2020

Problem

As reported in https://bravesoftware.slack.com/archives/C85NV6NSG/p1582256790113900 (see thread), we found that clicking the "Checked for saved version" button on a 404 page in a Tor window will send a request to https://brave-api.archive.org/... that doesn't go through Tor. As such, this is a privacy problem.

Expected behavior

  1. open a Tor window
  2. go to https://brave.com/dfkdfjd
  3. either you should not see a notification bar that offers to check the Wayback machine or you should see this, and clicking on the button to check the Wayback machine does not issue a request that goes over plain TLS. (check for it in a request inspector like Wireshark)

What about private windows?

I think this feature is probably ok to keep in private windows because it uses a network context that doesn't store state on disk (https://cs.chromium.org/chromium/src/chrome/browser/net/system_network_context_manager.h?q=systemnetwork&sq=package:chromium&g=0&l=44-45) and we disallow cookies (https://github.com/brave/brave-core/pull/3561/files#diff-306f17e629f5adfd7444084d21b89193R38) for it.

However if the fix is easier to do with it disabled entirely in private windows (Tor windows included), I am pro doing that.

Underlying cause

The system network context (https://github.com/brave/brave-core/pull/3561/files#diff-6d51337a3d8e25d0c3fbb40ef046dce9R58) doesn't use the Tor window proxy setting.

@diracdeltas diracdeltas added priority/P2 A bad problem. We might uplift this to the next planned release. feature/tor/leakproofing Eliminating unexpected ways that someone using Tor might be unmasked. sec-high security privacy labels Feb 26, 2020
@diracdeltas diracdeltas changed the title Wayback machine feature should be disabled in Tor windows Wayback machine feature should be disabled in Tor windows or use Tor Feb 27, 2020
@GeetaSarvadnya

GeetaSarvadnya commented Mar 4, 2020

Verification passed on

Brave 1.4.96 Chromium: 80.0.3987.132 (Official Build) (64-bit)
Revision fcea73228632975e052eb90fcf6cd1752d3b42b4-refs/branch-heads/3987@{#974}
OS Windows 10 OS Version 1803 (Build 17134.1006)
  • Issue reproducible in 1.4.95, wherein https://brave-api.archive.org/ is being listed in the Fiddler network monitoring tool request/response
  • Verified the test plan from Make wayback url request to use per-profile SharedLoaderFactory brave-core#4763
  • Verified that clicking http://www.brave.com/bo -> Check for saved version displays the archived page in TOR
  • Verified that https://brave-api.archive.org/ isn't being displayed in Fiddler in 1.4.96

Verification passed on

Brave 1.4.96 Chromium: 80.0.3987.132 (Official Build) (64-bit)
Revision fcea73228632975e052eb90fcf6cd1752d3b42b4-refs/branch-heads/3987@{#974}
OS Ubuntu 18.04 LTS

Verification passed with

Brave 1.4.96 Chromium: 80.0.3987.132 (Official Build) (64-bit)
Revision fcea73228632975e052eb90fcf6cd1752d3b42b4-refs/branch-heads/3987@{#974}
OS macOS Version 10.14.6 (Build 18G3020)
  • Reproduced the issue using 1.4.95 - https://brave-api.archive.org/ is listed in Charles when using Tor window
  • Verified STR from description
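The following is an added example and not Brave or Chromium code. It models the underlying cause stated in the issue (a request issued through the system network context ignores the Tor window's proxy, whereas a per-profile loader honours it) and adds the check the verification comments perform by hand with Wireshark, Fiddler or Charles: scanning a capture of the external interface for a TLS ClientHello that names brave-api.archive.org. The Tor SOCKS endpoint, the archive.org address and the capture lines are constructed placeholders, not values from the page.

```python
# Added example (not Brave/Chromium code): a small model of the routing defect
# described in this issue plus a leak check over constructed capture records.
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Assumption: Tor-window traffic must be dialed to the local Tor SOCKS endpoint.
# This address is a placeholder; Brave's actual Tor port is not stated on the page.
TOR_SOCKS: Tuple[str, int] = ("127.0.0.1", 9050)

ARCHIVE_HOST = "brave-api.archive.org"
ARCHIVE_IP = "203.0.113.10"  # constructed documentation-range address, not the real one


@dataclass(frozen=True)
class Profile:
    """A browser profile and the SOCKS proxy its window-level requests must use."""
    name: str
    socks_proxy: Optional[Tuple[str, int]]  # None means a direct connection is allowed


@dataclass(frozen=True)
class Connection:
    """What an observer would see for one outbound TLS connection."""
    profile: str              # which profile's window triggered the request
    sni: str                  # TLS server name in the ClientHello
    remote: Tuple[str, int]   # address actually dialed


# The Tor profile carries a SOCKS proxy; a regular private window does not
# (it only avoids on-disk state, which is why the issue considers it acceptable).
PROFILES = {
    "tor": Profile("tor", TOR_SOCKS),
    "private": Profile("private", None),
    "normal": Profile("normal", None),
}


def wayback_check_system_context(profile: Profile) -> Connection:
    """Pre-fix behaviour: the system network context has no notion of the
    window's proxy, so the archive.org request is dialed directly."""
    return Connection(profile.name, ARCHIVE_HOST, (ARCHIVE_IP, 443))


def wayback_check_profile_context(profile: Profile) -> Connection:
    """Post-fix behaviour: the profile's own loader honours its proxy setting."""
    remote = profile.socks_proxy if profile.socks_proxy else (ARCHIVE_IP, 443)
    return Connection(profile.name, ARCHIVE_HOST, remote)


def find_tor_leaks(connections: List[Connection], profiles=PROFILES) -> List[Connection]:
    """Return connections from proxied profiles that bypassed their proxy."""
    leaks = []
    for c in connections:
        expected = profiles[c.profile].socks_proxy
        if expected is not None and c.remote != expected:
            leaks.append(c)
    return leaks


# Constructed tshark-style summary lines from the external interface. Through Tor,
# the archive.org ClientHello appears only on loopback (towards the SOCKS port),
# so any SNI match on the external interface is a leak whichever window made it.
SAMPLE_CAPTURE = """\
1 0.000 10.0.0.5 -> 203.0.113.10 TLSv1.2 Client Hello SNI=brave-api.archive.org
2 0.010 10.0.0.5 -> 198.51.100.7 TLSv1.2 Client Hello SNI=www.example.org
3 0.020 10.0.0.5 -> 192.0.2.33 TLSv1.3 Client Hello SNI=guard.example.net
"""


def sni_leaks_in_capture(text: str, watched=(ARCHIVE_HOST,)) -> List[Tuple[int, str, str]]:
    """Return (frame, destination, sni) for every ClientHello naming a watched host."""
    hits = []
    for line in text.splitlines():
        if "Client Hello" not in line or "SNI=" not in line:
            continue
        fields = line.split()
        frame, dst = int(fields[0]), fields[4]   # "<frame> <time> <src> -> <dst> ..."
        sni = line.split("SNI=", 1)[1].strip()
        if sni in watched:
            hits.append((frame, dst, sni))
    return hits


if __name__ == "__main__":
    tor = PROFILES["tor"]
    print("leaks before fix:", find_tor_leaks([wayback_check_system_context(tor)]))
    print("leaks after fix: ", find_tor_leaks([wayback_check_profile_context(tor)]))
    print("SNI leaks in capture:", sni_leaks_in_capture(SAMPLE_CAPTURE))
```

`find_tor_leaks` flags only profiles that carry a proxy, so the same direct request from a plain private window is not reported; that mirrors the issue's reasoning that the feature is tolerable there. `sni_leaks_in_capture` is the automated form of the Wireshark step in the expected behaviour: run it over an external-interface capture taken while clicking the button in a Tor window, and an empty result is the pass condition.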
