Torbutton 1.1.14-alpha has been released at https://torbutton.torproject.org/dev/. This release primarily features several mechanisms to mitigate browser fingerprinting. This includes chrome/extension presence disclosure, resolution information, Tor port probing, and user agent and locale spoofing fixes. Here is the complete ChangeLog for 1.1.14: * bugfix: set general.useragent.locale if user wants to spoof an English browser. This handles navigator.locale * bugfix: Mask navigator.buildID. Reported by Greg Fleischer * Initial Firefox 3 work. Functionality still broken due to FF Bug 413682 * bug 580: Resize preferences window to fit in 640x480 displays * new: Spoof window.screen to mask desktop resolution and resize the browser to multiples of 50px while tor is enabled. * new: Block content window access to chrome urls if Tor is enabled, and hide Torbutton if Tor is disabled. Thanks to Greg Fleischer for reporting the chrome disclosure issues * new: Added option to close all opened tabs on a Tor toggle. Useful for general convenience and also as a backup protection against Bug 409737. * new: Add Tor ports to the list of banned ports for Firefox. Should prevent http-ping based fingerprinting attacks. * new: Finally add support for automatic updates. -- Mike Perry Mad Computer Scientist fscked.org evil labs
Attachment:
pgpPAqscmHchk.pgp
Description: PGP signature