Browser-laptop: Verify that we get site isolation in Tor

Created on 12 Jun 2018  路  11Comments  路  Source: brave/browser-laptop

During some usability tests we seemed to get the same IP address more often than expected. Figure out why and whether there is a bug here.

TEST PLAN:

search 'what is my IP' on a tor tab
remember what duckduckgo says the IP is
click on a search result that shows you your IP.
it should show a different IP than what duckduckgo showed

Qchecked-Linux Qchecked-Win64 Qchecked-macOS Qtest-plan-specified featurtor release-noteexclude releasblocking
Source
picture riastradh-brave

Most helpful comment

@kjozwiak yup, the test plan is basically https://github.com/brave/browser-laptop/issues/14390#issuecomment-396682930t - i'll copy it into the issue

picture diracdeltas on 25 Jun 2018
1 🎉1 👍1

All 11 comments

Based on my testing I'm pretty sure there is a bug here.

STR:

  1. search 'what is my IP' on a tor tab
  2. remember what duckduckgo says the IP is
  3. click on a search result that shows you your IP.
  4. note it's always the same as what duckduckgo said even though the site is a different origin
diracdeltas picture diracdeltas on 12 Jun 2018

re above,
changing 3rd step to open in a new tab and it works.
The circuit seems only been determined when first request shows per tab.

darkdh picture darkdh on 12 Jun 2018

And I fount out doing a Refresh after step 3, it show different ip than DDG.
So it seems like proxy setting is not able to applied in time before the request processed

darkdh picture darkdh on 13 Jun 2018

Examination on the wire between brave and the tor daemon reveals:

  1. a socks request with username duckduckgo.com to host duckduckgo.com when you do the search
  2. a socks request with username iplocation.net to host iplocation.net when you open the link in a new tab
  3. a socks request with username duckduckgo.com to host iplocation.net when you click on a link in the same tab
  4. a socks request with username iplocation.net to host iplocation.net when you reload the page
riastradh-brave picture riastradh-brave on 13 Jun 2018

I'm working on a fix which will block request until proxy config is reload

darkdh picture darkdh on 13 Jun 2018

Is this a race between the caller of CreateRequestContextForStoragePartition and TorSetProxy or something? Why doesn't the CONFIG_UNSET return from GetLatestProxyConfig already block it?

riastradh-brave picture riastradh-brave on 13 Jun 2018

because they are running on different threads, UI vs IO.

darkdh picture darkdh on 14 Jun 2018

@diracdeltas mind adding a test case for QA?

kjozwiak picture kjozwiak on 25 Jun 2018

@kjozwiak yup, the test plan is basically https://github.com/brave/browser-laptop/issues/14390#issuecomment-396682930t - i'll copy it into the issue

diracdeltas picture diracdeltas on 25 Jun 2018
1 🎉1 👍1

Thanks @diracdeltas 馃憤 Wasn't sure if those were sufficient enough so figured I would ask you just incase!

kjozwiak picture kjozwiak on 25 Jun 2018

Verified on Windows 10 x64 using

  • 0.23.16 - 2042c45
  • Muon - 7.1.1
  • libchromiumcontent - 67.0.3396.87
  • Verified on 0.23.17 as well

Verified on Ubuntu 18.04 x64 using the following build:

  • 0.23.16 2042c4572e43fed49765fb3fc8f26d5a7293ac75
  • muon: 7.1.1
  • libchromiumcontent: 67.0.3396.87

Verified with macOS 10.12.6 using

  • 0.23.17 bc754eb
  • Muon 7.1.2
  • libchromiumcontent 67.0.3396.87
srirambv picture srirambv on 25 Jun 2018
Was this page helpful?
0 / 5 - 0 ratings

Related issues

stevespringett picture stevespringett  路  3Comments
bbondy picture bbondy  路  3Comments
jonathansampson picture jonathansampson  路  3Comments
shortstuffsushi picture shortstuffsushi  路  3Comments
bbondy picture bbondy  路  3Comments