Tor Browser Bundle Using Open DNS!

Discussion in 'privacy problems' started by ex_ployt_ed, Jan 31, 2010.

Thread Status:
Not open for further replies.
  1. ex_ployt_ed

    ex_ployt_ed Registered Member

    Joined:
    Jan 31, 2010
    Posts:
    26
    I’ve been experiencing some strange behavior with the Tor Browser Bundle (the latest version, 1.3.31) over the last week or so, such as:

    -Open DNS place holders/ re-directs

    - http://www.opendns.com/welcome/intro/ saying
    "Your network is using open dns" - even after refreshing the page several times, after clicking 'new identity'

    - ‘Live preview’ at http://www.opendns.com/about/share/ says “You're using Open DNS"

    (By the way, does anyone know if there is a reason why the Open DNS home page doesn't have such a feature showing whether or not one is using the service?)

    -Typos like gogle.com automatically re-directing to google.com

    Note that all other indications are that I am using Tor: Tor Button enabled, numerous IP checks show an IP other than my real one.

    This is with a dial-up connection and whereas previously, even when I had configured Dial-Up Networking to use Open DNS, using the Tor Browser Bundle seemed to bypass Open DNS, now I’ve had the above happen even when my connection is not set to use Open DNS.

    Anyone experience anything similar or have any idea what could be going on?

    Thanks for any help.

    EDIT: Perhaps I should note that lacking the requisite knowledge to do so, I did not verify the PGP signature of the TBB before using it.

    Barring DNS manipulation and assuming one was careful to download from the authentic Tor site, how likely is a Tor (or any other, for that matter) download to be rogue? My impression is that it is extremely unlikely.
     
    Last edited: Jan 31, 2010
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    Agreed
     
  3. noblelord

    noblelord Registered Member

    Joined:
    Aug 19, 2009
    Posts:
    162
    Location:
    UK
    On another note, I'm a Xerobank customer and that page tells me I'm using openDNS. I do get the custom Xerobank error page when I try to visit an invalid domain however.
     
  4. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    This page has nothing to do with using or not using OpenDNS. It just simply displays a picture with the text "Your network is using OpenDNS". It is not an OpenDNS usage check.
     
  5. hierophant

    hierophant Registered Member

    Joined:
    Dec 18, 2009
    Posts:
    854
    Right, it's the welcome page after signing up! If you want to know what DNS servers you're using, and how spoofable they are, go to https://www.grc.com/dns/dns.htm.
     
  6. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,094
    If you use Firefox with Tor, it is necessary to set the booean variable to true for using the remote DNS feature, otherwise, if your router is either set to your ISP or OpenDNS servers for DNS service then obviously, it is those DNS servers that your Tor session will be using - not a good idea if you do not want your DNS usage logged by your ISP.

    The variable(s) which need to be set to true are (use the about:config Firefox webpage in your browser's profile to find and set the values):
    network.proxy.socks_remote_dns and
    extensions.torbutton.saved.socks_remote_dns

    -- Tom
     
  7. ex_ployt_ed

    ex_ployt_ed Registered Member

    Joined:
    Jan 31, 2010
    Posts:
    26
    Thanks for pointing that out.

    Nonetheless, as I noted in my original post, the 'live preview' at http://www.opendns.com/about/share/ said "You're using Open DNS".
    That is supposed to be a live check.

    Also, I got at least one or two Open DNS placeholder pages in place of 404's as well.

    But I never signed-up for Open DNS.

    So the question remains how and why I got directed to that page in the first place while using the Tor Browser Bundle.

    lotuseclat79: Thank you for the info. but there's no router; my only connection was dial-up.

    Furthermore, as I noted in my original post, before experiencing what I described, using Tor Browser Bundle seemed to bypass Open DNS even when I had dial-up networking (Win 2k) configured to use the Open DNS servers.

    In contrast, what I described in my original post occurred even when using connections that were not configured to use Open DNS.
    ............

    UPDATE: Bizarre Experience- Related?

    Not long after making my original post, I was unable to connect to any site-- both in regular Firefox Portable as well as Internet Explorer. (Not using Tor or any proxy configuration of any type.)

    Tried several different access numbers. Same thing with all of them:
    Connection would appear okay but would be completely 'dead'- wouldn't take me anywhere. (This happened regardless of whether DUN was configured to use Open DNS or to use "server assigned DNS address")

    But that's not even the half of it...

    Were it not for what followed, I would have figured it was probably just corrupted dial-up networking.

    I restored to a system image I had made with Easesus TODO Backup well before any of these problems had started, only to get the same completely 'dead connections'! (I did not notice any other unusual behavior)

    I would have figured that it must have been my ISP but I had experienced the exact same problem in the past on a different system running Windows XP. Then, the problem had persisted even after restoring to a point prior to its appearance (via 'system restore'). Immediately after a fresh install of XP, however, the connection problem disappeared.

    So now, on this system running Win 2k, I booted into a GNU+Linux live CD and, lo and behold, was able to connect just fine using the same access numbers and modem!

    Any ideas?
     
Loading...
Thread Status:
Not open for further replies.