[tor-commits] [tor-browser-spec/master] Mention OS type fingerprinting in the fingerprinting section.
commit 73b45c0680c865bae64936f0bd41c3757bdf7d2f
Author: Mike Perry <mikeperry-git@xxxxxxxxxxxxxx>
Date: Fri Oct 31 22:51:21 2014 -0700
Mention OS type fingerprinting in the fingerprinting section.
---
design-doc/design.xml | 34 ++++++++++++++++++++++++++++++++++
1 file changed, 34 insertions(+)
diff --git a/design-doc/design.xml b/design-doc/design.xml
index b8c67d9..9ff1b89 100644
--- a/design-doc/design.xml
+++ b/design-doc/design.xml
@@ -1902,6 +1902,40 @@ fingerprinting: timestamp quantization and jitter.
We have no implementation as of yet.
</para>
</listitem>
+ <listitem>Operating System type fingerprinting
+ <para>
+
+As we mentioned in the introduction of this section, OS type fingerprinting is
+currently considered a lower priority, due simply to the numerous ways that
+characteristics of the Operating System type may leak into content, and the
+comparatively low contribution of OS to overall entropy. In particular, there
+are likely to be many ways to measure the differences in widget size,
+scrollbar size, and other rendered details on a page. Also, directly exported
+OS routines, such as the Math library, expose differences in their
+implementations due to these results.
+
+
+ </para>
+ <para><command>Design Goal:</command>
+
+We intend to reduce or eliminate OS type fingerprinting to the best extent
+possible, but recognize that the effort for reward on this item is not as high
+as other areas. The entropy on the current OS distribution is somewhere around
+2 bits, which is much lower than other vectors which can also be used to
+fingerprint configuration and user-specific information.
+
+ </para>
+ <para><command>Implementation Status:</command>
+
+We have no defenses deployed that address OS type fingerprinting, but nothing
+else. Several defenses may help also mitigate it, in addition to reducing a
+lot more entropy elsewhere. You can see the major areas of OS fingerprinting
+we're aware of using the tag <ulink
+url="https://trac.torproject.org/projects/tor/query?keywords=~tbb-fingerprinting-os">tbb-fingerprinting-os
+on our bugtracker</ulink>.
+
+ </para>
+ </listitem>
</orderedlist>
</sect3>
<para>
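Review bot: The first sentence under Implementation Status contradicts itself. "We have no defenses deployed that address OS type fingerprinting, but nothing else" reads as if a word was dropped, and the following sentence ("Several defenses may help also mitigate it") says that some defenses do help. Consider wording along the lines of "We have no defenses deployed that address only OS type fingerprinting, but several existing defenses may also help mitigate it". In the first added paragraph, "expose differences in their implementations due to these results" is also hard to parse; "through their results" would state the point about the Math library more directly. The "around 2 bits" entropy figure in the Design Goal paragraph is given without a source, so a citation or a note on how it was measured would let readers evaluate the lower-priority decision. The two consecutive blank "+" lines before the first closing para tag could also be dropped.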