Delivery-Date: Fri, 20 Jun 2014 05:27:45 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by moria.seul.org (Postfix) with ESMTPS id 852311E0E12
	for <archiver@seul.org>; Fri, 20 Jun 2014 05:27:43 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 39B7E301D8;
	Fri, 20 Jun 2014 09:27:41 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 3D4A22FFB4
 for <tor-talk@lists.torproject.org>; Fri, 20 Jun 2014 09:22:57 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at eugeni.torproject.org
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id e-ChSquOribe for <tor-talk@lists.torproject.org>;
 Fri, 20 Jun 2014 09:22:57 +0000 (UTC)
Received: from mail-wi0-x235.google.com (mail-wi0-x235.google.com
 [IPv6:2a00:1450:400c:c05::235])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id EC4D82F893
 for <tor-talk@lists.torproject.org>; Fri, 20 Jun 2014 09:22:56 +0000 (UTC)
Received: by mail-wi0-f181.google.com with SMTP id n3so447335wiv.8
 for <tor-talk@lists.torproject.org>; Fri, 20 Jun 2014 02:22:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=message-id:date:from:user-agent:mime-version:to:subject:references
 :in-reply-to:content-type;
 bh=7RfYPzua7bjxXrRzb1CA7rR+2hEdbamfK3L+Fx32QPg=;
 b=RjI9D6fIDY02oLKwUIa0yONHBKkKkpVrsPHOrrcWY3J4lbWPg7S2djiS4rvMLDn0yS
 eFkVAOM23UxfKiTnl0+i5uQUZJFg090ANTtpC8mEW9PomcWaR+vYhoyjHmiYMDdyyNRp
 FiJpLbJyvpVEdPwoFsjJA5/wpNnHWoHmaKlck5E1qyvfkAbcnPrrL6Ky+Kv13fLkDqoO
 HjGVTyft9p7pptqr0jk6YZ/INdOdgqi1M0z9LfjHjqHJzK40Y869d9+jOOq3H5m9DTSG
 bTDnQ60pZtBP4WMQVlFrsP2IN2OS3ouuRrpnn1ZEQkJMcNXpGI4jmn+Srv5T1x0MqlSu
 8xFA==
X-Received: by 10.194.241.199 with SMTP id wk7mr2905177wjc.100.1403256173957; 
 Fri, 20 Jun 2014 02:22:53 -0700 (PDT)
Received: from [192.168.1.11] (ANice-652-1-243-254.w86-203.abo.wanadoo.fr.
 [86.203.114.254])
 by mx.google.com with ESMTPSA id hc4sm14343246wjc.38.2014.06.20.02.22.52
 for <tor-talk@lists.torproject.org>
 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
 Fri, 20 Jun 2014 02:22:53 -0700 (PDT)
Message-ID: <53A3FD72.1080103@gmail.com>
Date: Fri, 20 Jun 2014 11:22:58 +0200
From: Aymeric Vitte <vitteaymeric@gmail.com>
User-Agent: Mozilla/5.0 (Windows NT 6.3;
 rv:24.0) Gecko/20100101 Thunderbird/24.6.0
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
References: <53A30C94.1080506@gmx.com> <53A33139.7050405@torproject.org>
 <53A3634D.4010101@gmail.com> <53A3F457.6020309@torproject.org>
In-Reply-To: <53A3F457.6020309@torproject.org>
X-Content-Filtered-By: Mailman/MimeDel 2.1.15
Subject: Re: [tor-talk] Should DOM storage really be enabled by default in
 TorBrowser?
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="iso-8859-1"; Format="flowed"
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>


Le 20/06/2014 10:44, Georg Koppen a =E9crit :
> Aymeric Vitte:
>> That's really strange, why don't you just disable it like cookies,
>> indexedDB, etc?
> Cookies are not disabled in Tor Browser (only third party cookies). And,
> oh, there is this fun bug in Firefox:
>
> https://bugzilla.mozilla.org/show_bug.cgi?id=3D536509
>
> http://scarybeastsecurity.blogspot.com/2009/12/bypassing-intent-of-blocki=
ng-third.html
>
> Georg
>
>
>

So the logic is: we accept non third party cookies, therefore we accept =

localStorage and we suppose localStorage is disabled for third parties.

The problem is that if you block all cookies (like a Tor user should be =

doing visiting sites like yt), the localStorage remains available and =

bypasses cookies blocking, if you take yt, you can see things floating =

in localStorage like yt-remote-device-id {id, creation_date, =

expire=3Dcreation_date+1 year}, even if ephemeral (from your design) it =

persists until you close your browser

And what's the point of allowing localStorage if you allow non third =

party cookies?

There are bugs and unclear behavior of what happens in the main page or =

in iframes, that's usual, everybody knows thhis, unclear behavior =

between different options settings, and unclear behavior of blocking =

options when they exist.

Your examples are the perfect illustration of this, I think at least the =

users should be clearly aware of the risks and have the option to block =

everything.

As I mentioned previously any type of local storage is much more =

dangerous than the usual cookie-like uses, even if we should disregard =

the cases where you are hacking yourself, we can not ignore the fact =

that your local storage can be easily accessed by someone else if you =

give him a chance

I am waiting to read your design document but from my standpoint in the =

frame of the Tor Browser it should be clearly blocked.

-- =

Peersm : http://www.peersm.com
node-Tor : https://www.github.com/Ayms/node-Tor
GitHub : https://www.github.com/Ayms

-- =

tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

