Open riastradh-brave opened 5 years ago
Some thoughts on how to build this. AIUI, there are two separate problems:
Ideally, we would build something that's easily integrated in CI but perhaps we shouldn't let the perfect be the enemy of the good and start with something simple and go from there.
(Also, feel free to assign this issue to me. I don't have permissions to do it myself.)
Note to myself: brave://net-export seems like the right way to log Brave's network traffic in Tor mode. It produces a NetLog dump (basically a JSON file that one can subsequently analyse at netlog-viewer.appspot.com). We can also start a NetLog dump via the command line:
brave-browser --log-net-log=/path/to/file.json
Once https://github.com/brave/brave-core/pull/8612 is merged, we could point the browser to something like Web Platform Tests by running:
brave-browser --log-net-log=/path/to/file.json --tor https://some-kind-of-test.com
Two notes to myself:
We should set up a test rig for Tor sessions that detects any network activity that does not go through the Tor proxy. E.g., we could mimic the iptables configuration in Tails, and automate doing tests of various kinds in this environment.
(This is a separate task from #4255, which is to do code analysis to find such leaks by studying code and thinking hard. Leaks found by such a test rig would demonstrate that we didn't study hard enough, and possibly inform where else we need to audit.)
[transcribed from https://github.com/brave/muon/issues/466]
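One way to check a NetLog dump like the one produced by `--log-net-log` for connections that bypass the Tor proxy, as an added example that is not part of the original thread or Brave's own code. It assumes the dump has a `constants.logEventTypes` name-to-number table and that `TCP_CONNECT_ATTEMPT` and `UDP_CONNECT` events carry the destination in `params.address`; the proxy address `127.0.0.1:9050`, the function name and the sample log are hypothetical.

```python
import json

# Constructed sample in the assumed NetLog JSON layout (a "constants" table
# mapping event-type names to numbers, plus an "events" list); not a real capture.
SAMPLE_NETLOG = json.dumps({
    "constants": {"logEventTypes": {"TCP_CONNECT_ATTEMPT": 41, "UDP_CONNECT": 58,
                                    "REQUEST_ALIVE": 2}},
    "events": [
        {"type": 41, "phase": 1, "time": "100", "source": {"id": 7},
         "params": {"address": "127.0.0.1:9050"}},
        {"type": 41, "phase": 2, "time": "101", "source": {"id": 7}},
        {"type": 58, "phase": 1, "time": "140", "source": {"id": 9},
         "params": {"address": "192.0.2.53:53"}},
        {"type": 41, "phase": 1, "time": "180", "source": {"id": 12},
         "params": {"address": "[2001:db8::10]:443"}},
        {"type": 2, "phase": 1, "time": "190", "source": {"id": 13}, "params": {}},
    ],
})

CONNECT_EVENTS = ("TCP_CONNECT_ATTEMPT", "UDP_CONNECT")  # assumed event names


def find_direct_connections(netlog_text, proxy="127.0.0.1:9050"):
    """Return connect events whose destination is not the Tor SOCKS proxy.

    `proxy` is an assumed host:port; set it to the one the browser really uses.
    """
    log = json.loads(netlog_text)
    # The dump stores numeric event types; invert the table to get names back.
    names = {num: name for name, num in log["constants"]["logEventTypes"].items()}
    leaks = []
    for event in log.get("events", []):
        name = names.get(event.get("type"))
        address = event.get("params", {}).get("address")
        # Events without an address (e.g. END phase) and unrelated types are skipped.
        if name not in CONNECT_EVENTS or address is None:
            continue
        if address != proxy:
            leaks.append({"event": name, "address": address,
                          "source_id": event.get("source", {}).get("id"),
                          "time": event.get("time")})
    return leaks


if __name__ == "__main__":
    for leak in find_direct_connections(SAMPLE_NETLOG):
        print("direct connection:", leak)
```

A non-empty result can fail a CI job; the `source_id` of each hit identifies the NetLog source whose other events show what initiated the connection.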