[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #10833 [Firefox Patch Issues]: Screen resolution should not be identical to window size

Subject: Re: [tor-bugs] #10833 [Firefox Patch Issues]: Screen resolution should not be identical to window size
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Sat, 08 Feb 2014 12:33:19 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 08 Feb 2014 07:33:42 -0500
In-reply-to: <043.8b6dc526db05212c7196a33f2b1518a3@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <043.8b6dc526db05212c7196a33f2b1518a3@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#10833: Screen resolution should not be identical to window size
--------------------------------------+-----------------------
     Reporter:  ben                   |      Owner:  mikeperry
         Type:  defect                |     Status:  closed
     Priority:  normal                |  Milestone:
    Component:  Firefox Patch Issues  |    Version:
   Resolution:  duplicate             |   Keywords:
Actual Points:                        |  Parent ID:
       Points:                        |
--------------------------------------+-----------------------

Comment (by ben):

 > It is not possible to both defend against fingerprinting *and* prevent
 TBB from being detected as TBB.

 OK, so detection of Tor is not an issue. Understood.

 > We make our decisions about fingerprinting based on the concept of
 entropy reduction *inside* the TBB userbase.

 Right. But a screen resolution of 1057x909 would appear likely only once
 world-wide.

 > First, there are websites out there that will try to resize browser
 windows to the whole desktop resolution

 We'd need to prevent that. Even regular Firefox prevents window resize and
 popups (by default, and almost all websites accepted this limitation). So,
 I don't think that's an issue. If we would allow that, that would
 definitely allow tracking: Just resize the window to a unique size, and
 then later or on another site or session query it. Even if you change the
 size for new windows, it would allow to match different sessions within
 the same window.

 > Further, ... people with larger than 1920x1080 displays will necessarily
 stand out with your suggestion.

 No more than they currently do.

 My suggestion can reduce entropy dramatically (from 20+ bits=unique to 2
 bits: 2 resolutions within TBB only). Is there a case where it increases
 entropy compared to now in TBB?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10833#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #10833 [Firefox Patch Issues]: Screen resolution should not be identical to window size
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #10839 [Firefox Patch Issues]: Revert #10419 and fix it by another way
Next by Author: Re: [tor-bugs] #10833 [Firefox Patch Issues]: Screen resolution should not be identical to window size
Previous by thread: Re: [tor-bugs] #10833 [Firefox Patch Issues]: Screen resolution should not be identical to window size
Next by thread: Re: [tor-bugs] #10833 [Firefox Patch Issues]: Screen resolution should not be identical to window size
Index(es):
- Author
- Thread