
Re: [tor-dev] Improving Private Browsing Mode/Tor Browser



Thus spake Georg Koppen (g.koppen@xxxxxxxxx):

> > However, when performed by the exits, this linkability is a real
> > concern. Let's think about that. That sounds more like our
> > responsibility than the browser makers. Now I think I see what Georg
> > was getting at. We didn't mention this because the blog post was
> > directed towards the browser makers.
> 
> Well, my idea was not that sophisticated but yes, it belongs to the
> passive attacks available to exit mixes I generally had in mind (and I
> agree that the current domain-based proposal makes it way harder for an
> active mix attacker). My example used just one session. And I still
> would claim that even this gives an exit mix means to track users during
> the 10 minutes (and later if the user happens to get the same exit mix
> again within the same browsing session). If this is true do you mean
> that it is just not worth the effort or is too difficult to explain to
> the user (as it is highly probable that avoiding this kind of tracking
> implies breaking some functionality in the web (a kind of tab separation
> would be necessary but not sufficient))?

I'm confused now. You're basically just talking about cookies, cache,
and other stored identifiers at this point, right?

Single-site linkability due to information the user has provided to
the website is outside of Tor's threat model. That is what https is
for (and also why we ship HTTPS-Everywhere with the Tor Browser
Bundle).


-- 
Mike Perry
Mad Computer Scientist
fscked.org evil labs


_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev