Re: [tor-dev] Tor Browser 4.5a5 will change circuit expiry to 2hrs

2015-03-28 Thread s7r
On 3/28/2015 4:34 AM, A. Johnson wrote: Would you still set a max lifetime for a circuit to accept new streams of 2 hours, or would the circuit potentially persist forever? Nick set a max lifetime in his updated version of the patch that also deals with non-Tor Browser activity, but I am

Re: [tor-dev] Tor Browser 4.5a5 will change circuit expiry to 2hrs

2015-03-27 Thread A. Johnson
Hi Mike, Would you still set a max lifetime for a circuit to accept new streams of 2 hours, or would the circuit potentially persist forever? Security losses that such a change would result in (some of which you mention) include: 1. Making it easier for an exit to profile the user because it

Re: [tor-dev] Tor Browser 4.5a5 will change circuit expiry to 2hrs

2015-03-27 Thread Nick Mathewson
On Fri, Mar 27, 2015 at 1:28 AM, Mike Perry mikepe...@torproject.org wrote: Mike Perry: In Tor Browser 4.5a5, we decided to increase MaxCircuitDirtiness to 2 hours (https://trac.torproject.org/projects/tor/ticket/13766). Because we also use Tor's SOCKS username isolation using the URL bar

Re: [tor-dev] Tor Browser 4.5a5 will change circuit expiry to 2hrs

2015-03-27 Thread s7r
Indeed, it would be better if this customization will only apply to circuits requested by Tor Browser (web pages, etc.). Many people just keep Tor Browser running in order to open the Tor socks5 port on localhost, and use that socks proxy with other applications/protocols. Are there any clear

Re: [tor-dev] Tor Browser 4.5a5 will change circuit expiry to 2hrs

2015-03-27 Thread Mike Perry
A. Johnson: Hi Mike, Would you still set a max lifetime for a circuit to accept new streams of 2 hours, or would the circuit potentially persist forever? Nick set a max lifetime in his updated version of the patch that also deals with non-Tor Browser activity, but I am not convinced that a

Re: [tor-dev] Tor Browser 4.5a5 will change circuit expiry to 2hrs

2015-03-27 Thread A. Johnson
Would you still set a max lifetime for a circuit to accept new streams of 2 hours, or would the circuit potentially persist forever? Nick set a max lifetime in his updated version of the patch that also deals with non-Tor Browser activity, but I am not convinced that a max is a great idea

Re: [tor-dev] Tor Browser 4.5a5 will change circuit expiry to 2hrs

2015-03-26 Thread Ken Keys
On 3/26/2015 9:01 PM, Mike Perry wrote: In Tor Browser 4.5a5, we decided to increase MaxCircuitDirtiness to 2 hours (https://trac.torproject.org/projects/tor/ticket/13766). Because we also use Tor's SOCKS username isolation using the URL bar domain as the SOCKS username in Tor Browser 4.5

Re: [tor-dev] Tor Browser 4.5a5 will change circuit expiry to 2hrs

2015-03-26 Thread Mike Perry
Mike Perry: In Tor Browser 4.5a5, we decided to increase MaxCircuitDirtiness to 2 hours (https://trac.torproject.org/projects/tor/ticket/13766). Because we also use Tor's SOCKS username isolation using the URL bar domain as the SOCKS username in Tor Browser 4.5 now, this has the effect that