[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Torbutton 1.1.14-alpha released



Torbutton 1.1.14-alpha has been released at
https://torbutton.torproject.org/dev/. 

This release primarily features several mechanisms to mitigate browser
fingerprinting. This includes chrome/extension presence disclosure,
resolution information, Tor port probing, and user agent and locale
spoofing fixes.

Here is the complete ChangeLog for 1.1.14:

  * bugfix: set general.useragent.locale if user wants to spoof an English
    browser. This handles navigator.locale
  * bugfix: Mask navigator.buildID. Reported by Greg Fleischer
  * Initial Firefox 3 work. Functionality still broken due to FF Bug 413682
  * bug 580: Resize preferences window to fit in 640x480 displays
  * new: Spoof window.screen to mask desktop resolution and resize the
    browser to multiples of 50px while tor is enabled.
  * new: Block content window access to chrome urls if Tor is enabled,
    and hide Torbutton if Tor is disabled. Thanks to Greg Fleischer for
    reporting the chrome disclosure issues
  * new: Added option to close all opened tabs on a Tor toggle. Useful
    for general convenience and also as a backup protection against
    Bug 409737.
  * new: Add Tor ports to the list of banned ports for Firefox. Should
    prevent http-ping based fingerprinting attacks.
  * new: Finally add support for automatic updates.


-- 
Mike Perry
Mad Computer Scientist
fscked.org evil labs

Attachment: pgpPAqscmHchk.pgp
Description: PGP signature