[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Privacy Badger
On 2015-08-28 20:05, Mike Perry wrote:
Yikes! I didn't know this. This is especially bad, especially if Privacy
Badger has custom storage mechanisms for this that aren't cleared
regularly (which you touch on below).
And if you do clear this list regularly, Privacy Badger is useless; it
functions by learning which sites are legitimate and which are
potentially tracking you based on the fact that by their nature,
trackers are resources loading from a consistent location into various
unrelated sites using cookies that are potentially uniquely identifying.
Resetting it's history leaves you vulnerable to tracking until it has
re-learned your behaviour, by which time you're vulnerable to
It might be possible to take the same concept and democratize it in some
fashion that would share the heuristically learned data between users,
such that users aren't individually fingerprintable (while uses of
Privacy Badger itself would become more obvious), but then you have the
problem of building a whitelist for resources that are actually useful,
and potential malfeasance on the part of whitelist submissions, as well
as the efforts to manage the whitelist. Without a whitelist, it will
eventually break sites, and if you whitelist yourself, you again
generate a fingerprint.
As much as I love Privacy Badger in general, I don't see how it can fit
into the Tor model.
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to