[tor-talk] Making TBB undetectable!

[Spencer <spencerone@xxxxxxxxxxxxxxx>]

Hi,

> Ben Tasker:
> The problem you have there, is what to randomize,

The various bits that define your fingerprint.

> but natural's hard to fake

No need to spoof traffic if using real fingerprint variables.

> When we're talking about making the browser unidentifiable as TBB, the 
> very
> act of having something in the fingerprint that changes to prevent
> correlation between sessions provides an avenue by which it can be
> identified as TBB:

I feel like behavior will address the examples for this argument.

> > Spencer:
> > Making people blend into the crowd of regular internet users is best 
> > but
> > only if we resolve the traffic source; i.e., Tor exits.
>
> That's quite an issue to solve though. [Attackers can] map out Tor 
> exits...

True, but we can come up with other ideas than using the public Tor 
exits.

> the aim isn't to hide that you're using Tor
> from your destination, and successfully doing so would (IMO) be a 
> pretty
> non-trivial task

But it is, and I agree :)

> Those are a list of the requests we know are differentiators, it 
> doesn't
> mean that others won't be discovered, you'd need to gamble that 
> anything
> found is publicly disclosed when it's found, rather than kept quiet by 
> an
> adversary.

But this is the case for everybody everywhere.

> What you're essentially asking for is a browser that behaves
> like TBB (i.e. the various privacy protections) whilst pretending it
> behaves like a Google Nexus (for example). It's not that it'd be 
> impossible
> to do, but one tiny mistake or oversight takes you straight back to 
> being
> finger-printable, and almost uniquely so if very few are using
> Unidentifiable Mode.

With the fingerprint, isn't it only valuable over multiple sessions, and 
if others aren't also using that same ID?

> So, you can fairly easily poll for various add-ons. Not sure it'd 
> affect
> your add-on, but seemed worth mentioning.

I don't see this being an add-on as much as being in the settings 
options (which can probably be detected?) where the User Agent is 
located.  The User Agent would be a nice way to simplify the various 
IDs.

The IDs can be open-source and added to other browsers as a standard way 
of providing detectability.

Wordlife,
Spencer

--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk