use a random socks auth/pass for better stream isolation?


ID: 127
PHID: PHID-TASK-a735yuot6xyxisbhqxcr
Author: Patrick
Status at Migration Time: resolved
Priority at Migration Time: Normal


Now that T126 is done, we can consider using a random socks auth/pass for #tb-updater. Because of Tor’s IsolateSOCKSAuth this would lead to use a fresh circuit and therefore maybe a different Tor exit every time tb-updater is run. If one Tor exit is mounting a denial of service or perhaps other attack [ssl mitm + downgrade attack etc.], chances would be better that it would be solved by next run.

Does anyone see any bad effects when doing this?



2016-06-23 12:25:22 UTC