WebRTC Proxy Leaks and Unix Socket Enforcement#752
Conversation
|
|
||
| Wireshark is excellent for class (1). Port scanners and reachability tests can detect class (2). SocksTrace can detect all three classes because it monitors syscalls and socket behavior directly. | ||
|
|
||
| The WebRTC route-discovery issue described above is class (3): no packets are transmitted, but privacy-sensitive network stack interaction still occurs outside the proxy path. |
There was a problem hiding this comment.
Can we append a few sentences to this paragraph? Something like:
The network stack interaction enables the application to learn information about the user's network, and that information can then be transmitted over Tor. By analogy, an application that transmits your real IP address to a Tor onion service would surely still be considered a proxy leak! (This is not even a theoretical concern -- there are BitTorrent clients in the wild that have deanonymized users by sending their IP address in application-layer traffic.)
|
ACK 8f5d605, modulo the one suggestion made above. There's a small technical issue on one of my VM's that will introduce some delays in merging+deploying this, I am hoping to have this blogpost deployed within a week, please poke me on Matrix if you need that timeline accelerated for any reason. |
WebRTC Proxy Leaks and Unix Socket Enforcement
robertmin1
force-pushed
the
webrtc_proxy
branch
from
8f5d605 to
466c951
Compare
|
The previously existing text:
Seems to have been accidentally removed when you added the new text. |
2 participants
No description provided.