Hi!
Since we now include Torbrowser patches, we gained the
`network.proxy.socks_remote_dns` preference.
Its implemented in:
<
https://gitweb.torproject.org/torbrowser.git/blob/maint-2.2:/src/current-patches/firefox/0016-Prevent-WebSocket-DNS-leak.patch>
When this option is true, Firefox will fail every name resolving request
that is not going through a proxy (except when asked the noop that is
resolving an IP address).
socks_remote_dns is set to true by Torbutton. This is currently seen as
mandatory: when set to false, Torbutton assumes we are out of "Tor mode"
and display a broken onion.
This state of affairs currently breaks (at least) two things in Tails
0.14:
* Access to the I2P router console through `
http://localhost:7657/`.
* The Monkeysphere extension is not able to connect the validation
agent. (This one also requires a new whitelist rule in FoxyProxy
to fully work again.)
Both can be fixed by using `127.0.0.1` instead of `localhost`. That's
good enough if there's not an army of similar issues behind.
But given that Tails system resolver is using Tor, this already takes care
of the leaks that `socks_remote_dns` prevents. So we could also modify
Torbutton think good things about our torrified system resolver.
What do you think?
--
Ague