Bug #8088

Unsafe browser cannot login to captive portals since 1.2 RC

Added by emmapeel 2014-10-13 04:13:38 . Updated 2014-11-15 11:43:00 .

Status:
Rejected
Priority:
Normal
Assignee:
Category:
Target version:
Start date:
2014-10-13
Due date:
% Done:

0%

Feature Branch:
Type of work:
Test
Blueprint:

Starter:
Affected tool:
Deliverable for:

Description

Two users have reported with whisperBack that captive portals where they logged in with unsafe browser from Tails 1.1.2 cannot connect with Tails 1.2 rc.

One found a very interesting detail:

This location is one I can connect to the wireless with every tails version from 1.1.2 and backwards.

At this location I can ping the wifi access point, my IP and a redirection IP. Yes, this particular site is really spooky. I suspect but don’t know for sure but I would guess this site grabs all sorts of customer data. Why? Because it can. Tails is really handy here. But the new 1.2 rc unsafe browser will not play with it.

Below is the failed tor log that I saved. It looks to me like the Unsafe is really trying to connect as a typical tor connection.

10/12/2014 16:46:58.932 [NOTICE] New control connection opened from 127.0.0.1. 
10/12/2014 16:46:59.924 [NOTICE] New control connection opened from 127.0.0.1. 
10/12/2014 16:47:00.938 [NOTICE] New control connection opened from 127.0.0.1. 
10/12/2014 16:47:01.951 [NOTICE] New control connection opened from 127.0.0.1. 
10/12/2014 16:47:02.965 [NOTICE] New control connection opened from 127.0.0.1. 
10/12/2014 16:47:03.979 [NOTICE] New control connection opened from 127.0.0.1. 
10/12/2014 16:47:04.991 [NOTICE] New control connection opened from 127.0.0.1. 
10/12/2014 16:47:06.500 [NOTICE] New control connection opened from 127.0.0.1. 
10/12/2014 16:47:07.190 [NOTICE] New control connection opened from 127.0.0.1. 
10/12/2014 16:47:08.330 [NOTICE] New control connection opened from 127.0.0.1. 
10/12/2014 16:47:08.940 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections. 
10/12/2014 16:47:08.940 [NOTICE] Caching new entry debian-tor for debian-tor 
10/12/2014 16:47:08.940 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections. 
10/12/2014 16:47:08.940 [NOTICE] Caching new entry debian-tor for debian-tor 
10/12/2014 16:47:08.940 [NOTICE] DisableNetwork is set. Tor will not make or accept non-control network connections. Shutting down all existing connections. 
10/12/2014 16:47:08.940 [NOTICE] Caching new entry debian-tor for debian-tor 
10/12/2014 16:47:08.950 [NOTICE] Opening Socks listener on 127.0.0.1:9050 
10/12/2014 16:47:08.950 [NOTICE] Opening Socks listener on 127.0.0.1:9061 
10/12/2014 16:47:08.950 [NOTICE] Opening Socks listener on 127.0.0.1:9062 
10/12/2014 16:47:08.950 [NOTICE] Opening Socks listener on 127.0.0.1:9150 
10/12/2014 16:47:08.950 [NOTICE] Opening DNS listener on 127.0.0.1:5353 
10/12/2014 16:47:08.950 [NOTICE] Opening Transparent pf/netfilter listener on 127.0.0.1:9040 
10/12/2014 16:47:08.950 [NOTICE] Caching new entry debian-tor for debian-tor 
10/12/2014 16:47:08.950 [NOTICE] Renaming old configuration file to "/etc/tor/torrc.orig.1" 
10/12/2014 16:47:08.712 [NOTICE] Bootstrapped 5%: Connecting to directory server 
10/12/2014 16:47:08.718 [NOTICE] Bootstrapped 10%: Finishing handshake with directory server 
10/12/2014 16:47:09.460 [NOTICE] New control connection opened from 127.0.0.1. 
10/12/2014 16:47:15.940 [WARN] Tried connecting to router at [IP stripped by emmapeel]:443, but identity key was not as expected: wanted  [hash stripped by emmapeel] but got [hash stripped by emmapeel]. 
10/12/2014 16:49:12.151 [WARN] Tried connecting to router at [IP stripped by emmapeel]:443, but identity key was not as expected: wanted [hash stripped by emmapeel] but got [hash stripped by emmapeel]. 

Below is the message I get when I close the unsafe browser down.

(( Unable to save Tor settings.

Please ensure that Tor is running.))

=

also another report, though user is not so tech savvy, is available. I can not test this right now, hopefully someone can reproduce it?


Subtasks


History

#1 Updated by intrigeri 2014-10-13 04:36:30

  • Description updated
  • Assignee set to emmapeel

#2 Updated by intrigeri 2014-10-13 04:38:18

We need to know:

  • whether they can connect via a Wi-Fi AP that doesn’t require going through a captive portal (it might be that the problem they’re seeing is totally unrelated to captive portals)
  • whether using a Tor bridge (ideally, obfs3) fixes the problem for them
  • what exactly these users are doing
  • what exactly they’re seeing
  • what’s in /var/log/syslog

#3 Updated by intrigeri 2014-10-15 06:46:09

  • Target version changed from Tails_1.2 to Tails_1.2.1

Lacks info => postponing.

#4 Updated by sajolida 2014-10-15 16:24:07

In the end, wasn’t that a temporary problem with the captive portal
itself as investigated by anonym?

#5 Updated by intrigeri 2014-10-21 08:50:08

  • Assignee changed from emmapeel to anonym

Ping?

#6 Updated by anonym 2014-11-06 20:26:13

  • Status changed from New to Rejected
  • Assignee deleted (anonym)

Don’t know what to do about this one without further info. I’ll close it, and if we get more info we can just reopen it.

#7 Updated by emmapeel 2014-11-15 11:43:00

There is no new information. Maybe there were changes on the captive portals…

I will let anonym know if something changes!