Feature #6115

Feature #5769: Applications audit

Audit polipo

Added by Tails over 6 years ago. Updated about 5 years ago.

Status: Rejected
Priority: Normal
Assignee: -
Category: -
Target version: -
Start date:
Due date:
% Done: 0%
Feature Branch:
Type of work: Audit
Blueprint:
Starter: No
Affected tool:

Description

A bunch of anonymity, privacy and security issues in Polipo were fixed in Christopher Davis' branch (git://repo.or.cz/polipo.git) and never merged upstream.

Even if we have stopped using polipo in iceweasel (#5776), we should check if these issues affect Tails... unless we replace polipo with privoxy? (#5379)

dontIdentifyToClients

Christopher added the dontIdentifyToClients option (commits: 80b45940, be116b5, c78beb81) to fix bug #1082 on Tor Project's Trac. When set to true, "Polipo tries to avoid transmitting local host name, port, and time zone".

  1. hostname and port: Tails sets proxyName = "localhost" and proxyPort = 8118 just like the Tor Browser Bundle does => nothing critical could be leaked - at worst, leaking this information restricts the practical anonymity set to the best one Tails can try putting its users into => non-issue.
  2. Leaking timezone information to the outside world would be much more annoying: Tails' web browser has been trying to spoof an EN-US browser since 0.7 for a reason. However, that information can only be transmitted to an HTTP client connected to Polipo; practically speaking, such a client can be any non-SOCKS-aware application shipped in Tails; most have other means to gather that information anyway, but e.g. untrusted JavaScript in the web browser might be used to access the aforementioned information and leak it => research how to fix this (probably by patching Polipo and pushing that patch upstream and/or to Debian; avoiding shipping Polipo at all would be even better, but we're not there yet)

Tails Git devel branch sets UTC timezone for everybody, so the timezone leaking issue becomes much less relevant.

others?

Security issues that were not privacy-related have supposedly already been applied to the 1.0.4.1-1.1 polipo package shipped in Debian Squeeze. This should be double-checked, though => research.
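
An audit check for the three values discussed above, as an added example that is not part of the ticket or of Polipo's code: it scans one captured proxy-to-client response for the proxy's hostname, port and a non-UTC time zone, and ignores values that every Tails user shares (localhost, 8118, UTC). The function name, the constants and both sample responses are assumptions constructed for illustration.

```python
import re

# Values every Tails user shares reveal nothing about an individual (ticket items 1 and 2).
SHARED_HOSTS = {"localhost", "127.0.0.1"}
SHARED_PORT = 8118
SHARED_ZONES = {"GMT", "UTC"}

# A clock time followed by a numeric offset (+0200, +02:00) or a zone abbreviation (CEST).
TIME_ZONE = re.compile(r"\d{2}:\d{2}:\d{2}\s*(?:([+-])(\d{2}):?(\d{2})|([A-Z]{2,5})\b)")


def audit_response(raw, proxy_name, proxy_port):
    """Return which of hostname, port and timezone one captured response discloses."""
    text = raw.decode("latin-1")
    findings = []
    if proxy_name.lower() not in SHARED_HOSTS and proxy_name.lower() in text.lower():
        findings.append("hostname")
    if proxy_port != SHARED_PORT and re.search(r"(?<!\d)%d(?!\d)" % proxy_port, text):
        findings.append("port")
    for sign, hours, minutes, zone in TIME_ZONE.findall(text):
        non_utc_offset = sign and (hours, minutes) != ("00", "00")
        non_utc_name = zone and zone not in SHARED_ZONES
        if non_utc_offset or non_utc_name:
            findings.append("timezone")
            break
    return findings


# Constructed responses for illustration; not captured Polipo output.
CUSTOM_SETUP = (b"HTTP/1.1 504 Gateway timeout\r\nVia: 1.1 alice-laptop:3128\r\n\r\n"
                b"<p>Generated Tue, 05 Feb 2013 14:03:22 CEST by alice-laptop:3128</p>")
TAILS_LIKE = (b"HTTP/1.1 504 Gateway timeout\r\nVia: 1.1 localhost:8118\r\n\r\n"
              b"<p>Generated Tue, 05 Feb 2013 12:03:22 UTC by localhost:8118</p>")

if __name__ == "__main__":
    print(audit_response(CUSTOM_SETUP, "alice-laptop", 3128))
    print(audit_response(TAILS_LIKE, "localhost", 8118))
```

The time zone match is a heuristic: any uppercase word of two to five letters directly after a clock time is treated as a zone name, so review hits by hand.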


Related issues

Related to Tails - Feature #5379: Remove Polipo or replace it with Privoxy Resolved 01/27/2014

Associated revisions

Revision 70c2c590 (diff)
Added by Tails developers about 5 years ago

Remove all traces of Polipo: we don't use it anymore (Closes: #5379, #6115).

History

#1 Updated by intrigeri over 6 years ago

  • Subject changed from polipo to audit polipo
  • Parent task set to #5769

#2 Updated by intrigeri over 6 years ago

  • Type of work changed from Research to Audit
  • Starter set to No

#3 Updated by BitingBird over 5 years ago

  • Subject changed from audit polipo to Audit polipo

#4 Updated by intrigeri about 5 years ago

  • Status changed from Confirmed to Rejected

We're going to drop it (#5379).
