[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #28621 [Applications/Tor Browser]: Investigate "website fingerprinting through cache occupancy channel"



#28621: Investigate "website fingerprinting through cache occupancy channel"
--------------------------------------+--------------------------
 Reporter:  arthuredelstein           |          Owner:  tbb-team
     Type:  defect                    |         Status:  new
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:                            |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------

Comment (by tom):

 I skimmed it. This one kind of sucks. There are no reasonable
 countermeasures. Page coloring looked interesting, but AFAICT that was an
 idea from the early 2000s that hasn't been revisited?

 The 100ms resolution helps; but it isn't the complete answer (and I want
 to reduce it anyway if we can achieve the same security boundary using
 fuzzyfox.)

 Maybe the answer is something more complicated? Degrading it dynamically
 (throttling) if we detect repeated calls and throw a permission prompt
 (with or without the doorhanger)?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/28621#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs