Announcement

Epic for iOS and Android are live in the App Store and the Android Play Store. We're EpicBrowser on Twitter and on Facebook. Please feel free to also email our Founder directly with issues or questions: alok at hiddenreflex dot com

Pages: 1

#1 Re: Epic Privacy Browser - Privacy Features & Privacy Concerns » DNS leak in proxy mode » 2017-05-16 10:23:47

mailman

Hi!
Any update about this issue?
I'm not sure why but forum reports 4 posts but only 3 are displayed. Is there a "hidden" reply. Perhaps someone has already answered but his post isn't shown?
Thanks!

#2 Re: Epic Privacy Browser - Privacy Features & Privacy Concerns » DNS leak in proxy mode » 2017-05-01 00:20:05

mailman

Thanks for your reply.

I'm using Windows version of Epic (55.0.2661.75 build) and this what let me ask you about any DNS leak.

  • Step to reproduce:

    1. try turn off any other programms that may issue DNS requests

    2. turn on epic browser, proxy mode

    3. start capturing packets with your favourite sniffer (I used tcpdump, UDP traffic, port 53)

    4. browse to some site (www.yahoo.fr in my test)

  • Expected result
    The only possible DNS request should be about epic proxy

  • Observed result (only first requests, actually there is a bunch of them)
    dump with DNS leak

    1. DNS requests releted to epic occur first, as expected

    2. No DNS request for the targeted hostname, as expected too

    3. a bunch of other DNS request, related to the visited web page

    The combination of points 2 and 3 let me think of a sort of DNS prefetch for the links on the page.

  • Other test

    Start Epic browser with the  --host-resolver-rules="MAP * ~NOTFOUND , EXCLUDE *.epicbrowser.com" flag, as per Chromium doc (see the page about socks-proxy). This page expose the case of a socks proxy but same principle applies to other proxy types too since we are just dealing with chrome behavior, not the proxy)

  • Result

    1. Only the epic proxy hostname shows in DNS requests

    2. no more possible browsing without proxymode (since the browser is unable to solve hostname

    This is the expected behavior with the "--host-resolver-rules" flag

I can't find the "disable prefetch" option in settings where it sits in plain chromium so I first assumed it may be disabled by default. I was just doing a check to be sure and was very surprised to see this leak.

Can you please either explain what I did wrong or how to deal with that.

Thanks

#3 Epic Privacy Browser - Privacy Features & Privacy Concerns » DNS leak in proxy mode » 2017-04-14 09:56:41

mailman
Replies: 7

Hi there!
First, thanks for this browser, great idea!

I'm concerned with some DNS leaks while using the proxy mode. It seems that while the browsed url and all the material that comes along whtih (js, css, img etc.) are well fetched via proxy, some prefetch occurs for urls within the web page.
Please see this packet capture:
dump with DNS leak
It shows DNS request to my ISP while browsing to yahoo.fr with EPIC proxy enabled.
This is a common behavior of chromium. One may be able to disable prefetch or even any DNS requests, ensuring its privacity but it must be with command line flags (eg --host-resolver-rules).

It would be nice:

  • to automatically force "no prefetch" or "no DNS requests" when proxy is activated

  • or to have a GUI option for that (no need to restart the browser)

  • or at least to warn the user about this DNS leak

Any thoughts on this?
Thanks

Pages: 1

Board footer