Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Google Chrome 3.0.195.33 leaks DNS data queries outsitde of proxy if dns pre-fetching is enabled
From: Milan Berger <m.berger () project-mindstorm net>
Date: Tue, 15 Dec 2009 10:14:31 +0100

Google Chrome ... DNS ... sent to the system's configured DNS cache.
that is why #1 at top of big red WARNING box about using Tor properly
says: https://www.torproject.org/download.html.en#Warning
"1. Tor only protects Internet applications that are configured to
send their traffic through Tor — it doesn't magically anonymize all
your traffic just because you install it. We recommend you use Firefox
with the Torbutton extension."

the only way to avoid DNS leaks despite most application configuration
is a transparent Tor proxy that intercepts all DNS and TCP at the
network layer and performs a redirect to the Tor Tcp and DNS Ports.
(see man page.)

Bullshit.
Tor proxies are
a) not the best way
b) many apps like firefox enable using proxy for dns as well as other
connections.

-- 
Kind Regards

Milan Berger
Project-Mindstorm Technical Engineer

--
project-mindstorm.net
Humboldtstrasse 69
90459 Nuremberg
Germany

Tel.: +49 911 27 56 381
Mob.: +49 176 22 98 76 02


http://www.project-mindstorm.net
http://www.digital-bit.ch

twitter: http://twitter.com/twit4c

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]