New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
electrum leaks when socks proxy is used #224
Comments
Not only does it leak but for me on Winx64 it actually connected to whatever preemptive address was set and did NOT go through the proxy. This is very serious. |
I have noticed proxy is being respected only when you use unencrypted TCP. SSL, HTTP, HTTPS connections are going directly even if proxy is checked, which is really serious security issue! |
I can confirm what @ser mentioned. This makes proxy support useless, since using SSL without tor is better than using tor without SSL. |
the http requests to get the exchange rate are now part of a plugin, and no longer performed by default. |
one more fixed here: 89a9ce2 |
http leaks are fixed. |
dash_ps: allow set absolute denoms count to mix
Hi there,
if you configure electrum with a SOCKS5 proxy, you get both DNS and HTTP leaks. Electrum does DNS requests for services like electrum.org, and does direct HTTP queries to some bitcoin exchanges to learn the current rates.
This is a quite serious problem, since Electrum is advertised as "secure", and a leaking proxy is a pretty big issue for a bitcoin client IMO.
The text was updated successfully, but these errors were encountered: