Project

General

Profile

Feature #6149

Feature #5663: Return to Icedove

Feature #6148: Torbirdy in Debian

Feature #6154: Secure the Icedove autoconfig wizard

Feature #7064: Update our plans for securing Icedove's autoconfig wizard wrt. recent developments

Wait for Torbirdy patches design documentation

Added by Tails about 6 years ago. Updated over 3 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
-
Target version:
Start date:
Due date:
% Done:

100%

Feature Branch:
Type of work:
Communicate
Blueprint:
Starter:
No
Affected tool:
Email Client

Description

wait for the design documentation for Torbirdy patches (#6150) (asked on 2013-01-29 in <tt><></tt>).


Related issues

Related to Tails - Feature #9493: Write Icedove manual tests for common usecases and security requirements Resolved 05/29/2015

History

#1 Updated by Tails about 6 years ago

  • Parent task set to #6150

#2 Updated by intrigeri about 6 years ago

  • Priority changed from Normal to High

#3 Updated by intrigeri about 6 years ago

  • Starter set to Yes

#4 Updated by intrigeri about 6 years ago

Some explanation for these patches was posted on upstream bug tracker. See parent ticket.

#5 Updated by sajolida over 5 years ago

  • Starter changed from Yes to No

#6 Updated by BitingBird over 5 years ago

  • Subject changed from wait for Torbirdy patches design documentation to Wait for Torbirdy patches design documentation

#7 Updated by sajolida about 5 years ago

  • Priority changed from High to Normal

#8 Updated by intrigeri about 5 years ago

  • Category set to 212

#9 Updated by intrigeri over 4 years ago

  • Assignee set to u
  • Target version set to 246
  • Parent task changed from #6150 to #7064
  • Type of work changed from Wait to Communicate

#10 Updated by sajolida about 4 years ago

Marked as blocked by #8668 as a child of #6154.

#11 Updated by u almost 4 years ago

  • Assignee changed from u to intrigeri
  • QA Check set to Info Needed

Hi,

may you please modify the link in the description so that i can access it?

Thanks!

#12 Updated by intrigeri almost 4 years ago

  • Assignee changed from intrigeri to u
  • QA Check changed from Info Needed to Dev Needed

may you please modify the link in the description so that i can access it?

This is the <8538xk1i8q.fsf@boum.org> email Message-Id. Apparently the importation to Redmine entity-encoded bits of it. My preferred web search engine points me to https://www.mail-archive.com/tails-dev@boum.org/msg02504.html. Good enough for your needs?

#13 Updated by u almost 4 years ago

Great, thanks!

#14 Updated by sajolida almost 4 years ago

  • Target version changed from 246 to Tails_2.0

#16 Updated by u almost 4 years ago

There is no real design documentation.

Simply requirements and notes from tagnaq's paper.

Problems identified in Thunderbird which Torbirdy seeks to address

  • Thunderbird discloses machine specific clock information (section 3.5.3 and 3.5.4)
  • Thunderbird may discloses the underlying OS (section 3.5.6)
  • Thunderbird requests a website in cleartext at startup, disclosing its version, OS, language and buildid (section 3.6.1)
  • Thunderbird stores and submits an identifying HTTP cookie with a lifetime of five years to Mozilla (section
    3.6.4)
  • Thunderbird discloses the email address in cleartext to the exit node and the network (section 3.6.5)
  • Thunderbird retrieves mail server configurations from a remote server over an insecure channel (section 3.6.5)
  • Thunderbird leaks DNS requests and TCP connections (section 3.6.5)
  • Enigmail leaks DNS requests (section 3.6.6)
  • Enigmail may disclose all keyIDs in the keyring to the exit node and the network (section 3.6.6)
  • Thunderbird may disclose local paths to the IMAP server (section 4.1.4)
  • Thunderbird insecurely handles certain mail header and opens the browser without the user’s consent (section 4.1.4)
  • an attacker might be able to determine Thunderbird’s approximate version (section 4.1.6)

How Torbirdy seeks to address these problems

Modifications

  • remove possibility to load website at startup including "whatsnew" page (3.6.1)
  • replace autoconfiguration with manual configuration (3.6.5)
  • boundary string without prefix in any case (3.5.6)
  • stripe Mozilla specific header from incoming mails (4.1.4)
  • intercept any call to open an external application (4.2.1)
  • implement per account proxy settings including a global proxy for non-mail traffic (4.2.2)
  • implement time-offset fingerprint prevention (4.2.3) => partly accepted, partly pending upstream patch

Configuration options

All options are enabled by default.
  • “make ’connection security’ mandatory”
  • “use common fingerprint” (4.2.4)
  • “HSTS state reset on shutdown”
  • “ignore MDN requests silently”
  • “disable HTML parsing”
  • “do not display attachments inline”
  • “make URLs in emails not clickable”
  • “display warning when setting up an IMAP account”
  • “display warning if multiple accounts share the same proxy”
  • “display warning when adding attachment”

The Torbirdy developers ask that "somebody" checks the code against these requirements.

#17 Updated by u almost 4 years ago

  • Related to Feature #9493: Write Icedove manual tests for common usecases and security requirements added

#18 Updated by u over 3 years ago

  • Status changed from Confirmed to Resolved

I think this ticket can be closed now. The 2 patches there were to be merged upstream have been and I doubt that anybody will write any more design documentation. As said by Sukhbir on tails-icedove@, they did not take any notes about it and would need a code review at some point.

#19 Updated by intrigeri over 3 years ago

  • Assignee deleted (u)
  • % Done changed from 0 to 100

Also available in: Atom PDF