Feature #6149

Wait for Torbirdy patches design documentation

Added by Tails 2013-07-18 11:47:31 . Updated 2016-05-10 04:29:31 .

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Target version:
Tails_2.0
Start date:
Due date:
% Done:

100%

Feature Branch:
Type of work:
Communicate
Blueprint:

Starter:
0
Affected tool:
Email Client
Deliverable for:
268

Description

wait for the design documentation for Torbirdy patches (Feature #6150) (asked on 2013-01-29 in <8538xk1i8q.fsf@boum.org>).

Subtasks

Related issues

Related to Tails - Feature #9493: Write Icedove manual tests for common usecases and security requirements Resolved 2015-05-29

History

#1 Updated by Tails 2013-07-18 11:48:20

#2 Updated by intrigeri 2013-07-19 02:41:52

  • Priority changed from Normal to High

#3 Updated by intrigeri 2013-07-19 09:43:05

  • Starter set to Yes

#4 Updated by intrigeri 2013-07-28 07:25:18

Some explanation for these patches was posted on upstream bug tracker. See parent ticket.

#5 Updated by sajolida 2014-01-04 01:25:39

  • Starter changed from Yes to No

#6 Updated by BitingBird 2014-06-09 09:54:52

  • Subject changed from wait for Torbirdy patches design documentation to Wait for Torbirdy patches design documentation

#7 Updated by sajolida 2014-07-10 20:23:22

  • Priority changed from High to Normal

#8 Updated by intrigeri 2014-08-12 13:44:58

  • Category set to 212

#9 Updated by intrigeri 2015-05-29 12:38:38

  • Assignee deleted (None)
  • Target version set to 246
  • Parent task changed from Feature #6150 to Feature #7064
  • Type of work changed from Wait to Communicate

#10 Updated by sajolida 2015-08-09 08:39:20

Marked as blocked by #8668 as a child of Feature #6154.

#11 Updated by Anonymous 2015-10-27 07:35:32

  • Assignee set to intrigeri
  • QA Check set to Info Needed

Hi,

may you please modify the link in the description so that i can access it?

Thanks!

#12 Updated by intrigeri 2015-10-27 14:37:13

  • Assignee deleted (intrigeri)
  • QA Check changed from Info Needed to Dev Needed

> may you please modify the link in the description so that i can access it?

This is the <8538xk1i8q.fsfboum.org>@ email Message-Id. Apparently the importation to Redmine entity-encoded bits of it. My preferred web search engine points me to https://www.mail-archive.com/tails-dev@boum.org/msg02504.html. Good enough for your needs?

#13 Updated by Anonymous 2015-10-27 14:51:14

Great, thanks!

#14 Updated by sajolida 2015-11-27 04:45:35

  • Target version changed from 246 to Tails_2.0

#16 Updated by Anonymous 2015-12-17 09:52:08

There is no real design documentation.

Simply requirements and notes from tagnaq’s paper.

Problems identified in Thunderbird which Torbirdy seeks to address

  • Thunderbird discloses machine specific clock information (section 3.5.3 and 3.5.4)
  • Thunderbird may discloses the underlying OS (section 3.5.6)
  • Thunderbird requests a website in cleartext at startup, disclosing its version, OS, language and buildid (section 3.6.1)
  • Thunderbird stores and submits an identifying HTTP cookie with a lifetime of five years to Mozilla (section
    3.6.4)
  • Thunderbird discloses the email address in cleartext to the exit node and the network (section 3.6.5)
  • Thunderbird retrieves mail server configurations from a remote server over an insecure channel (section 3.6.5)
  • Thunderbird leaks DNS requests and TCP connections (section 3.6.5)
  • Enigmail leaks DNS requests (section 3.6.6)
  • Enigmail may disclose all keyIDs in the keyring to the exit node and the network (section 3.6.6)
  • Thunderbird may disclose local paths to the IMAP server (section 4.1.4)
  • Thunderbird insecurely handles certain mail header and opens the browser without the user’s consent (section 4.1.4)
  • an attacker might be able to determine Thunderbird’s approximate version (section 4.1.6)

How Torbirdy seeks to address these problems

Modifications

  • remove possibility to load website at startup including “whatsnew” page (3.6.1)
  • replace autoconfiguration with manual configuration (3.6.5)
  • boundary string without prefix in any case (3.5.6)
  • stripe Mozilla specific header from incoming mails (4.1.4)
  • intercept any call to open an external application (4.2.1)
  • implement per account proxy settings including a global proxy for non-mail traffic (4.2.2)
  • implement time-offset fingerprint prevention (4.2.3) > partly accepted, partly pending upstream patch

Configuration options

All options are enabled by default.

  • “make ’connection security’ mandatory”
  • “use common fingerprint” (4.2.4)
  • “HSTS state reset on shutdown”
  • “ignore MDN requests silently”
  • “disable HTML parsing”
  • “do not display attachments inline”
  • “make URLs in emails not clickable”
  • “display warning when setting up an IMAP account”
  • “display warning if multiple accounts share the same proxy”
  • “display warning when adding attachment”

The Torbirdy developers ask that “somebody” checks the code against these requirements.

#17 Updated by Anonymous 2015-12-17 10:14:52

  • related to Feature #9493: Write Icedove manual tests for common usecases and security requirements added

#18 Updated by Anonymous 2015-12-18 07:44:06

  • Status changed from Confirmed to Resolved

I think this ticket can be closed now. The 2 patches there were to be merged upstream have been and I doubt that anybody will write any more design documentation. As said by Sukhbir on tails-icedove@, they did not take any notes about it and would need a code review at some point.

#19 Updated by intrigeri 2016-05-10 04:29:31

  • Assignee deleted ()
  • % Done changed from 0 to 100