[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Risk of selectively enabling JavaScript

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Risk of selectively enabling JavaScript
From: Luther Blissett <lblissett@xxxxxxxxxxxxx>
Date: Tue, 07 Jan 2014 21:07:26 -0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 07 Jan 2014 18:11:40 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paranoici.org; s=stigmate; t=1389136053; bh=J7YFert2W//8BoVaaEeP/r9tEXS8VFXn5Kd5f2vqD/8=; h=Subject:From:To:Date:In-Reply-To:References; b=hn7wk0ZXTdToLE/pcZMtcYKyodsU7AjR7zAACG+OQUmv4GsEycBApHzWkfZUa/u0T JYe9E9KtGugo7fZ/jLwGEW79hJkxQh4ER4wxMLSVvtpaKAvO5jHvum9U01rePjLUsf jUxre0tswN++XxxsnByNyPpoLTzfWs1gYvD4Kdtk=
In-reply-to: <52CBE99B.5080504@xxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <52CAEA49.1030201@xxxxxxxxxx> <52CBE99B.5080504@xxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

On Tue, 2014-01-07 at 12:48 +0100, Gerardus Hendricks wrote:
> > TBB enables JavaScript by default, presumably because many websites need
> > JavaScript.  NoScript can be used to selectively allow JavaScript from
> > certain domains, but doing so could make it possible to fingerprint your
> > Tor use.
> Let us try to define what "fingerprinting Tor use" means exactly. It 
> clearly does not mean "detect if you are using Tor". It probably has 
> more to do with detecting that a certain single TorBrowser installation, 
> including all its settings and plugins, is communicating with a certain 
> server. An adversary could detect this at the side of the exit node 
> (possibly even in the case of encrypted traffic), but more importantly 
> it can be detected at the side of the server.
> 
> When does the fingerprinting attack matter? Does it only apply when a 
> user is using the same TorBrowser installation for identities or 
> behaviors that the user wishes to keep separate? It is already 
> recommended to restart the TorBrowser to disconnect behaviors. Wouldn't 
> it be also recommendable to use different TorBrowser installation for 
> different behaviors, or is this going too far?

This is probably the best course of action in lack of further studies
(no I did not read the freehaven yet) on the feasibility of such
attacks. Suppose they are somehow able, what can you ado to add fuzz on
the data they get. Using different browsers for different kinds of
commitments at least make them need to account for this kind of behavior
on a growing percentage of telco users. Worst case scenario is if
everyone is using TBB same version full time except you, but from what I
experience people on tor are doing all kinds of stuff, not just one. So
I'd say keep experimenting and ping here if you find something weird in
it's normality. 

-- 
010
001
111

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Risk of selectively enabling JavaScript
  - From: dhanlin
- Re: [tor-talk] Risk of selectively enabling JavaScript
  - From: Gerardus Hendricks

Prev by Author: Re: [tor-talk] Signing up for checking account over Tor
Next by Author: Re: [tor-talk] Thunderbird and Tor - question/s.
Previous by thread: Re: [tor-talk] Risk of selectively enabling JavaScript
Next by thread: Re: [tor-talk] Risk of selectively enabling JavaScript
Index(es):
- Author
- Thread