[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Spoofing a browser profile to prevent fingerprinting

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Spoofing a browser profile to prevent fingerprinting
From: Mirimir <mirimir@xxxxxxxxxx>
Date: Tue, 29 Jul 2014 11:33:26 -0600
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 29 Jul 2014 13:42:23 -0400
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=riseup.net; s=squak; t=1406655220; bh=FJ2JcsHyuDoIx7gRFA+GRkWWJnsdZvZFZAKPEK3NQUU=; h=Date:From:To:Subject:References:In-Reply-To:From; b=Sg9wLEGD+F6IKwlL8BgDDKb0ucanLUXNEJx1Kcpp6Jl0R4hBsFSAI+L4wQJhYvJqy j8FBKh8bvZrvTDKR/aO8u3MfHLXjR1K9uaJ5WCqPN54SjtHTWZni5f63y10aKiL4Du g6f4ZBmGN+cZcpiYdPXD5it2y6fZjJWl9RE9S7g8=
In-reply-to: <53D7D565.4030203@xxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <53D3F004.6070209@xxxxxxxxx> <53D6E666.9070108@xxxxxxx> <53D7629D.2090701@xxxxxxxxx> <201407291809.54908.openpgp@xxxxxxxxxxxxxxx> <53D7CE6D.1080408@xxxxxxxxxx> <53D7D565.4030203@xxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.0

On 07/29/2014 11:09 AM, Aymeric Vitte wrote:
> Sorry, I forgot to say: it's not operational, it was working but I
> stopped it after a crowdfunding campaign which turned to be a flop,
> meaning that nobody cares.

:(

> But the concepts still stand, even if complicate, the requirements were
> that it should work without disturbing the browser's behavior or hacking
> into it (so it works from any browser) and the basic principles were
> that there was no point of tracking you on a fake domain, here it does
> not really depend on how many people are using it, you just behave like
> a normal user on a non existing domain.

Yes, as I understand it, everyone using it would effectively be using
the same browser, and only viewing the output through their local
browser. So the website always sees the proxy browser. Is that right?

Would the proxy browser always show the current Tor browser fingerprint?

> An issue was that people need to set the proxy settings to the server
> that is relaying the data, so not very user friendly...
> 
> Probably the video demo was more self explainatory, I will put it back
> on yt and provide the link

Thank you.

> I think now that it was too complicate but maybe some inspiration can
> come from it.
> 
> Regards,
> 
> Le 29/07/2014 18:40, Mirimir a Ãcrit :
>> On 07/29/2014 10:09 AM, OpenPGP wrote:
>>> Hi all,
>>>
>>> has anybody tried the solution mentioned in http://www.ianonym.com ?
>>> I'm just reading all the stuff and information but feel a bit lost :p
>>> how to
>>> set it al and use it ;)
>> My word, that is complicated!
>>
>> But even so, if only a few use it with Tor, they probably stand out.
>> More generally, the greater the diversity of anonymization options, the
>> less anonymity there is :(
>>
>>>> Aymeric Vittesal:
>>>> ...
>>>> Or unless you use something like http://www.ianonym.com, it was
>>>> designed
>>>> to defeat all forms of tracking/fingerprinting with the fake domain
>>>> concept and hide your destination even with https.
>>>>
>>>> Since it takes control over the whole web page, the js interactions are
>>>> sandboxed with a script to "tame" the page, a prototype was working but
>>>> maybe it's a bit too complicate...
>>>>
>>>> Regards
>>> â
>>>
>>>
>>> ______________________________
>>> http://www.openpgp.org
>>> https://www.gnupg.org
>>> ______________________________________________________________
>>>
>>>
>>>
> 
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Spoofing a browser profile to prevent fingerprinting
  - From: Aymeric Vitte

References:
- [tor-talk] Spoofing a browser profile to prevent fingerprinting
  - From: Craw
- Re: [tor-talk] Spoofing a browser profile to prevent fingerprinting
  - From: Joe Btfsplk
- Re: [tor-talk] Spoofing a browser profile to prevent fingerprinting
  - From: Aymeric Vitte
- Re: [tor-talk] Spoofing a browser profile to prevent fingerprinting
  - From: OpenPGP
- Re: [tor-talk] Spoofing a browser profile to prevent fingerprinting
  - From: Mirimir
- Re: [tor-talk] Spoofing a browser profile to prevent fingerprinting
  - From: Aymeric Vitte

Prev by Author: Re: [tor-talk] Spoofing a browser profile to prevent fingerprinting
Next by Author: Re: [tor-talk] Spoofing a browser profile to prevent fingerprinting
Previous by thread: Re: [tor-talk] Spoofing a browser profile to prevent fingerprinting
Next by thread: Re: [tor-talk] Spoofing a browser profile to prevent fingerprinting
Index(es):
- Author
- Thread