[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #16336 [Tor Browser]: Make sure the User Timing API does not provide a new high resolution timestamp

Subject: Re: [tor-bugs] #16336 [Tor Browser]: Make sure the User Timing API does not provide a new high resolution timestamp
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Wed, 24 Jun 2015 08:59:50 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 24 Jun 2015 04:59:59 -0400
In-reply-to: <042.4fc736e490e23cf8350eabd730b9c83f@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <042.4fc736e490e23cf8350eabd730b9c83f@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#16336: Make sure the User Timing API does not provide a new high resolution
timestamp
-------------------------+-------------------------------------------------
     Reporter:  gk       |      Owner:  tbb-team
         Type:  task     |     Status:  new
     Priority:  normal   |  Milestone:
    Component:  Tor      |    Version:
  Browser                |   Keywords:  ff38-esr, tbb-fingerprinting-time-
   Resolution:           |  highres, tbb-pref, MikePerry201506
Actual Points:           |  Parent ID:
       Points:           |
-------------------------+-------------------------------------------------
Changes (by mikeperry):

 * keywords:  ff38-esr, tbb-fingerprinting-time-highres => ff38-esr, tbb-
     fingerprinting-time-highres, tbb-pref, MikePerry201506


Comment:

 In fact this is a DOMHighresTimeStamp. Units are milliseconds, but
 resolution is at least microseconds (and even higher resolution for
 Mozilla Firefox, depending on CPU model).

 This API also allows content to store names for timers and timestamps (in
 what scope? who knows.. the [http://www.w3.org/TR/2013/REC-user-
 timing-20131212/#privacy-security privacy section of the W3C spec]
 basically just takes a shit on any privacy concerns), complicates things
 like #16110, and the API generally appears to be useless from a practical
 point of view.

 I say we disable it for now, and maybe even forever. The
 dom.enable_user_timing pref does in fact seem to work.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16336#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #16336 [Tor Browser]: Make sure the User Timing API does not provide a new high resolution timestamp
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #14135 [Pluggable transport]: Incorrect SocksListener temporary error check
Next by Author: Re: [tor-bugs] #16437 [Tor]: [warn] Failed to find node for hop 0 of our path. Discarding this circuit.
Previous by thread: Re: [tor-bugs] #16336 [Tor Browser]: Make sure the User Timing API does not provide a new high resolution timestamp
Next by thread: Re: [tor-bugs] #16336 [Tor Browser]: Make sure the User Timing API does not provide a new high resolution timestamp
Index(es):
- Author
- Thread