Project

General

Profile

Feature #7686

Bug #6261: Tor browser / HTTPS Everywhere should not connect to check.torproject.org on startup

Verify that Tor Browser does not connect to check.t.o if HTTPS Everywhere is disabled

Added by intrigeri about 5 years ago. Updated about 5 years ago.

Status:
Resolved
Priority:
Low
Assignee:
-
Category:
-
Target version:
-
Start date:
07/29/2014
Due date:
% Done:

100%

Feature Branch:
Type of work:
Test
Blueprint:
Starter:
Yes
Affected tool:
Browser

Description

On https://trac.torproject.org/projects/tor/ticket/9693, we're told that #6261 is actually not caused by Torbutton, but most likely by HTTPS Everywhere. We should verify this:

  1. start sniffing the outgoing connections (e.g. via the Vidalia network map, which is not perfect, but easy and cheap)
  2. start Tor Browser in Tails
  3. verify that you can see an outgoing connection to check.torproject.org
  4. disable the HTTPS Everywhere add-on
  5. close Tor Browser
  6. start Tor Browser
  7. verify that you can not see any outgoing connection to check.torproject.org
  8. report back on this ticket

Related issues

Blocks Tails - Bug #6262: Wait for Torbutton to allow not connecting to check.t.o on startup Rejected 09/07/2013

History

#1 Updated by intrigeri about 5 years ago

  • Blocks Bug #6262: Wait for Torbutton to allow not connecting to check.t.o on startup added

#2 Updated by BitingBird about 5 years ago

  • Starter changed from No to Yes

The procedure is well documented, so this ticket is easy :)

#3 Updated by kytv about 5 years ago

It's definitely HTTPSEverywhere, seen in Tails 1.1. With HTTPS Everywhere enabled, check.t.o is accessed. With it disabled, there's no connection made to check.torproject.org.

#4 Updated by kytv about 5 years ago

I don't know JS--at all--but this is in the SSLObservatory code:

  65 function SSLObservatory() {
  66   this.prefs = CC["@mozilla.org/preferences-service;1"]
  67         .getService(CI.nsIPrefBranch);
  68 
  69   try {
  70     // Check for torbutton
  71     this.tor_logger = CC["@torproject.org/torbutton-logger;1"]
  72           .getService(CI.nsISupports).wrappedJSObject;
  73     this.torbutton_installed = true;
  74   } catch(e) {
  75     this.torbutton_installed = false;
  76   }
  77 
  78   this.HTTPSEverywhere = CC["@eff.org/https-everywhere;1"]
  79                             .getService(Components.interfaces.nsISupports)
  80                             .wrappedJSObject;
  81 
  82   /* The proxy test result starts out null until the test is attempted.
  83    * This is for UI notification purposes */
  84   this.proxy_test_successful = null;
  85   this.proxy_test_callback = null;
  86   this.cto_url = "https://check.torproject.org/?TorButton=true";
  87   // a regexp to match the above URL
  88   this.cto_regexp = RegExp("^https://check\\.torproject\\.org/");
  89 
  90   this.public_roots = root_ca_hashes;

So (if I'm reading this correctly) if TorButton is installed it tries check.t.o, otherwise it doesn't...which leads to Torbutton being blamed?

#5 Updated by BitingBird about 5 years ago

  • Status changed from Confirmed to In Progress

#6 Updated by intrigeri about 5 years ago

  • Status changed from In Progress to Resolved
  • % Done changed from 0 to 100

Thanks!

Also available in: Atom PDF