Delivery-Date: Tue, 22 Mar 2016 20:08:00 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	T_RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id C1DC31E0AB1;
	Tue, 22 Mar 2016 20:07:58 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id AD98839272;
	Wed, 23 Mar 2016 00:07:51 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 3248035329
 for <tor-talk@lists.torproject.org>; Wed, 23 Mar 2016 00:07:48 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id H7pZFFHrkT9X for <tor-talk@lists.torproject.org>;
 Wed, 23 Mar 2016 00:07:48 +0000 (UTC)
Received: from turtles.fscked.org (turtles.fscked.org [76.73.17.194])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id 1533431E42
 for <tor-talk@lists.torproject.org>; Wed, 23 Mar 2016 00:07:48 +0000 (UTC)
Date: Tue, 22 Mar 2016 17:08:35 -0700
From: Mike Perry <mikeperry@torproject.org>
To: tor-talk@lists.torproject.org
Message-ID: <20160323000835.GJ15350@torproject.org>
References: <259387.67882.bm@smtp146.mail.ir2.yahoo.com>
MIME-Version: 1.0
In-Reply-To: <259387.67882.bm@smtp146.mail.ir2.yahoo.com>
Subject: Re: [tor-talk] Extend auto-IP-switching-time in TorBrowser (and
 depending from time of inactivity)
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============2387691149698719026=="
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>


--===============2387691149698719026==
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature"; boundary="sdJFN6SSISdF2ksn"
Content-Disposition: inline


--sdJFN6SSISdF2ksn
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Ben Stover:
> As far as I know TorBrowser switches automatically every 10 minutes the n=
ode chain resp. the IP of the ExitNode.
>=20
> Can I somehow extend this timeout time to another value e.g. 30 minutes?
>=20
> Or (even better) can I let Tor auto-switch the IP and chain depending fro=
m the time of inactivity (.e.g when 15 minutes no
> web page is called)?

We had a long discussion about this in
https://trac.torproject.org/projects/tor/ticket/15482. Ultimately, a fix
was merged to Tor, but it did not cause Tor to update its circuit
discard timeout (the "dirtyness" timeout) upon stream detach.

I have also noticed worse behavior since Tor Browser switched from the patc=
h I
wrote in
https://trac.torproject.org/projects/tor/attachment/ticket/15482/0001-Bug-1=
5482-Don-t-abandon-circuits-that-are-still-in-u.patch
to the version in Tor today.

I also agree we should be more aggressive about keeping circuits in use.
I think we should go back to updating this timeout when streams are
closed, otherwise we risk the situation where HTTP KeepAlive keeps an
idle stream open for several minutes, and then when that stream closes,
it is more likely that a new stream will go on a separate circuit
because the timeout expired while the stream was open but idle.

This situation will only get worse if/when we enable HTTP 2.=20

I have noticed websites switching language on me mid-use as a result.
This is extremely bad for usability, and makes no sense for privacy on
the web, since web sessions contain plenty of identifying information
when they resume, regardless of what circuit they use. In my
not-so-humble opinion here, the Tor network usage should match Tor
Browser's identifier protections exactly. Any mismatch is just bad
usability for no privacy gain...


--=20
Mike Perry

--sdJFN6SSISdF2ksn
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJW8d6DAAoJEOI7sywPEpQCA6sQAJLBzjCPiSTJYK9xALu8uNt4
xljsQHjLVIsVLKUwKy/q0o9XvSybeTiCvBI9fZF04le1pWemu3fnU/cwRUhb0pfz
HoUHP1+3Ng13d+R0VBgEaPkTrSrmtWbtS6fUYAUf5X00D1mVcza5AxSYUjUBX8ls
7vL7tAbxq4V9avT+Ij9GrPothiYmxWWg8zgVxH0yg8srLjF+iDHi+vxmEet76hNj
dfynX/s8vcM3aoK86vMwOrRjLdD9ZWP+29JSzamBB/5U3vIdq8vl2G76TrNkmpNG
wwmtBz7hJsBsCfeGULuIGFOVcXsFyaZSCp8NChrY/WvMJ1MMl0UwPnW2JH2UoNKX
hW2+bucRzAGcMtaz6M+slUTZe0mPyIhY8tlFZt7XkA6NOI9vleDFHRxWmbAbl0+r
4V2eB9810TIJ1iBQMBYD2Dj1hTA6hasMmQkkMSDhEbk/xSFWAm2pcm8mHM7F6f0t
SSFTlAKraau+hYQJo6/3pyy0jymwm/LkuuBPsFPnPphkpbg7I/e0SxkfIO/rhR8l
2Qp7QhEIpXJ+lweNYtd5mzTo6L3aHgyQzb1rLuScKKvLDy5kvG8f+yQQjKzyyRrr
4V82bLe9DxuYhb3YgHv2f8F4RvBXyCSro6/8IgX9punFNyJbDq5byosgUgmKyjaP
srW7uAZkmGRpV3FdxovQ
=8fYB
-----END PGP SIGNATURE-----

--sdJFN6SSISdF2ksn--

--===============2387691149698719026==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

--===============2387691149698719026==--

