[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Finger printing

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Finger printing
From: Andrew F <andrewfriedman101@xxxxxxxxx>
Date: Thu, 9 May 2013 19:37:59 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 09 May 2013 15:38:53 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:mime-version:in-reply-to:references:from:date:message-id :subject:to:content-type; bh=b1YV9oedLqJA+phRloXl/J8rcb/gjXUIFyzDUR/iRqk=; b=A7DYC16xAwfdPdGYaOsS88nC7AVrOj73wTLk9CgicaW7U95hFM4e1w4KyNKwjNlpSh /BEtTtZ1ByoKrhexMijegD5zQ4QeFEV2MB6h8OU17fTnivmPFuv6VjXMGwF063My27mb iHw8yXpL4twTrdy8V1Ck0szAYECZ7sHC+ACGuOXIlOx2Lv5JFxDGcdYnkzC3pQ09Me6D kTluqUhNym2rsdwtOFSr75g0nomfaYZE5dEzOEOlFr+OT0bagJP6JqS+eNE1pLmfcAYs oqbGLxpE7x8q/xy8IqvZ4zzQu/GlNJ1TciuKoeDAWKhy7WJr2kJEVbATwIQgRPztF0Ob dMyQ==
In-reply-to: <20130509184828.GD25661@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <CAMnnSdha0gWqjbjV1pR57DybFLDOuS1tAMoNeP5saKP1C4Hhfw@xxxxxxxxxxxxxx> <CAA8U0RT35-qP2K5ncL2frJo4bUbZTXr1R3+TWBvvmZWDG6YT8w@xxxxxxxxxxxxxx> <CAMnnSdgfsLN9yJB6uXAVVUMstc1vNXPdfaSTv0q1hjap09yzxQ@xxxxxxxxxxxxxx> <20130509184828.GD25661@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

Thank you mike, I appreciate the info and the links.
I will however Google first next time.  Sorry.




On Thu, May 9, 2013 at 6:48 PM, Mike Perry <mikeperry@xxxxxxxxxxxxxx> wrote:

> You know, all you people who keep asking the same questions over and
> over again back-to-back in new threads for days on end could try
> Googling first.. It might be just a tad quicker.
>
> See:
>
> https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linkability
> (which is result #3 for "tor browser fingerprinting" on startpage.com's
> Google results).
>
> tl;dr: We prevent read access to the HTML5 Canvas (which doubles as the
> WebGL rendering surface, among other things) to prevent video card,
> font, and other rendering differences from being extracted, hashed, and
> fingerprinted. If you go to certain obnoxious websites (such as
> https://github.com), you can see this defense in action.
>
> We also run WebGL in "minimal mode" which disables disable video card
> and driver-specific extensions, so that this information is not
> available to JS.
>
> Still, WebGL is still a huge beast with an unknown and previously
> unexposed vulnrability surface, which is why we still leave it
> click-to-play via NoScript.
>
> Thus spake Andrew F (andrewfriedman101@xxxxxxxxx):
>
> > I don't believe that the Tor-button changes any of the variables that are
> > linked to the hardware.  And that is the key.
> >
> > What is the point of Tor if fingerprinting works.
> >
> >
> >
> > On Thu, May 9, 2013 at 4:08 PM, SiNA Rabbani <sina@xxxxxxxxxx> wrote:
> >
> > > Tor Button provides certain protections already. That's why its
> important
> > > to use Tor properly. Tor Browser Bundle is shipped with Tor Button
> > > installed:
> > > https://www.torproject.org/torbutton/
> > >
> > > --SiNA
> > > On May 9, 2013 8:56 AM, "Andrew F" <andrewfriedman101@xxxxxxxxx>
> wrote:
> > >
> > > > Some one in Tor-Dev said that finger printing of the system and video
> > > card
> > > > in particular allows someone to be tracked as well as having a
> cookie on
> > > > there system.
> > > >
> > > > That sound pretty serious to me.  Anyone working on this issue?
> > > >
> > > > Do we have any projects on obfuscating Finger print data?
> > > >
> > > > Seems like it should be a top priority.
> > > > _______________________________________________
> > > > tor-talk mailing list
> > > > tor-talk@xxxxxxxxxxxxxxxxxxxx
> > > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> > > >
> > > _______________________________________________
> > > tor-talk mailing list
> > > tor-talk@xxxxxxxxxxxxxxxxxxxx
> > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> > >
> > _______________________________________________
> > tor-talk mailing list
> > tor-talk@xxxxxxxxxxxxxxxxxxxx
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
> --
> Mike Perry
>
> _______________________________________________
> tor-talk mailing list
> tor-talk@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
>
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Finger printing
  - From: Andrew F
- Re: [tor-talk] Finger printing
  - From: SiNA Rabbani
- Re: [tor-talk] Finger printing
  - From: Andrew F
- Re: [tor-talk] Finger printing
  - From: Mike Perry

Prev by Author: Re: [tor-talk] Finger printing
Next by Author: Re: [tor-talk] HTML5 video and Tor anonymity.
Previous by thread: Re: [tor-talk] Finger printing
Next by thread: Re: [tor-talk] Finger printing
Index(es):
- Author
- Thread