Full Disclosure mailing list archives
Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled
From: Valdis.Kletnieks () vt edu
Date: Tue, 15 Dec 2009 07:01:22 -0500
On Tue, 15 Dec 2009 10:14:31 +0100, Milan Berger said:
the only way to avoid DNS leaks despite most application configuration is a transparent Tor proxy that intercepts all DNS and TCP at the network layer and performs a redirect to the Tor Tcp and DNS Ports. (see man page.)Bullshit. Tor proxies are a) not the best way b) many apps like firefox enable using proxy for dns as well as other connections.
Not bullshit at all. Taking the points in reverse order: (b) Note that 'many apps" means "mostly avoid", not "totally avoid". You run any app that's not DNS-proxy aware, you just leaked and whoever you're using Tor to avoid is now potentially pounding on your door. Sure, the difference doesn't matter if you're using Tor to be a cool wanker. But if you're using Tor because it *matters*, "98% of apps get it right themselves" is a big *fail*. You really want to enforce 100% correctness whether the app is correct or not. (Stated in another way - sometimes DAC just doesn't cut it, and you really *do* want the added complication of MAC). (a) If you have a better way than a Tor proxy to avoid DNS leaks from programs that don't DNS-proxy themselves, feel free to actually *tell* us what it is, rather than just babble "they aren't the best way". Given you got the *other* point totally wrong, we have no reason to believe a content-free 'not the best way' unless you actually have an evaluatable statement like 'XYZ is better'.
Attachment:
_bin
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled nixlists (Dec 14)
- Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled coderman (Dec 14)
- Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled Milan Berger (Dec 15)
- Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled Valdis . Kletnieks (Dec 15)
- Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled Milan Berger (Dec 15)
- Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled dramacrat (Dec 15)
- Message not available
- Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled dramacrat (Dec 16)
- Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled Christian Sciberras (Dec 16)
- Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled Nick FitzGerald (Dec 16)
- Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled Christian Sciberras (Dec 16)
- Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled Nick FitzGerald (Dec 16)
- Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled Christian Sciberras (Dec 16)
- Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled Jan G.B. (Dec 16)
- Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled Christian Sciberras (Dec 16)
- Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled Milan Berger (Dec 15)
- Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled coderman (Dec 14)