[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #1816 [Torbutton]: Create a prototype Content Script for Google Chrome

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #1816 [Torbutton]: Create a prototype Content Script for Google Chrome
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Wed, 01 Sep 2010 07:25:17 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 01 Sep 2010 03:25:25 -0400
In-reply-to: <049.4661c82f800adcaf172de06e2834b2a7@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bugs reporting list for trac <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <049.4661c82f800adcaf172de06e2834b2a7@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#1816: Create a prototype Content Script for Google Chrome
------------------------+---------------------------------------------------
  Reporter:  mikeperry  |       Owner:  mikeperry
      Type:  task       |      Status:  closed   
  Priority:  normal     |   Milestone:           
 Component:  Torbutton  |     Version:           
Resolution:  fixed      |    Keywords:           
    Parent:  #1770      |  
------------------------+---------------------------------------------------

Comment(by mikeperry):

 Eek, it turns out that it is possible to fingerprint that certain addons
 are installed by sourcing their chrome-extensions urls from page script.
 If the addon is installed, the page will source. If it is not installed,
 the page won't source and you can detect this by either catching an
 exception or registering a listener for onerror.

 This is bad for Torbutton's undiscoverability requirement:
 https://www.torproject.org/torbutton/design/#undiscoverability

 However, I'm guessing a lot of addons inject tags that source things from
 their own addons dir into pages they have permissions over.. Bleh. Maybe
 this is something we can use Web Request to handle.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/1816#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #1888 [Tor Relay]: Some small problems with my relay
Next by Author: Re: [tor-bugs] #1789 [Tor Relay]: Wake-up from Hibernation Occurs Day 1 Each Month
Previous by thread: Re: [tor-bugs] #1888 [Tor Relay]: Some small problems with my relay
Next by thread: Re: [tor-bugs] #1816 [Torbutton]: Create a prototype Content Script for Google Chrome
Index(es):
- Author
- Thread