- From: Philipp Hancke <fippo@goodadvice.pages.de>
- Date: Tue, 10 Feb 2015 07:36:06 -0800
- To: public-webrtc@w3.org
changing subject. Am 05.02.2015 um 22:02 schrieb Harald Alvestrand: [...] > I would see much more benefit in someone trying for a writeup that > describes precisely the threat they see, what mitigations they see > against the possible threat, and - importantly - what functionality we > would lose by implementing those mitigations. So here is one aspect I found worrying: socks proxies. When using a socks (v4) proxy (ssh -D, apparently also a common setup for some tor users) and there exists a "more direct route" to the internet, the "public ip" is "exposed". Possible mitigation: WebRTC should honor the proxy settings. Here, this would mean disabling UDP. Any TCP traffic (including TURN and ICE-TCP) is routed via the socks server. As a result, instead of the "public ip" the one of the socks server is exposed. Which is what happen for all other kinds of requests as well. Functionality loss: With UDP disabled, TURN/TCP or TURN/TLS are going to be used via the proxy. Sites that don't use TURN/TCP or TURN/TLS are not going to work. This might affect datachannel-only use-cases that elide TURN by routing via an overlay mesh. This increases the load on the socks server. I don't think this is relevant, socks has been used for filetransfer in the past so proxies should be able to deal with that. RETURN can allow optimizing this by making TURN traffic go over dedicated TURN servers or allowing it to leak. This is mostly a question of what the user expectation is regarding leakyness. I don't know about users. I only spoke to one who was using tor occasionally and concerned.
Received on Tuesday, 10 February 2015 15:37:12 UTC