electrum leaks when socks proxy is used

[asn-d6]

Hi there,

if you configure electrum with a SOCKS5 proxy, you get both DNS and HTTP leaks. Electrum does DNS requests for services like electrum.org, and does direct HTTP queries to some bitcoin exchanges to learn the current rates.

This is a quite serious problem, since Electrum is advertised as "secure", and a leaking proxy is a pretty big issue for a bitcoin client IMO.

[ghost]

Not only does it leak but for me on Winx64 it actually connected to whatever preemptive address was set and did NOT go through the proxy. This is very serious.

[asn-d6]

Indeed. FWIW, this is actually old news to the developers:
#207
#147

"Safe" and "Tested and audited" just like the website says.

[ser]

I have noticed proxy is being respected only when you use unencrypted TCP.

SSL, HTTP, HTTPS connections are going directly even if proxy is checked, which is really serious security issue!

[armisamimi]

I can confirm what @ser mentioned. This makes proxy support useless, since using SSL without tor is better than using tor without SSL.
Another issue is that if tor is not running, electrum still connects to its servers (which means there is no way to verify that information is actually going through tor).

[ecdsa]

the http requests to get the exchange rate are now part of a plugin, and no longer performed by default.
I'm still working on this, though

[ecdsa]

one more fixed here: 89a9ce2
the dns issue remains, though

[ecdsa]

http leaks are fixed.
all that remains here is a dupe of #147, so I'm closing this issue