On Sun, Feb 24, 2008 at 8:33 PM, Mike Perry <mikeperry@*.org> wrote:
Torbutton 1.1.14-alpha has been released at
https://torbutton.torproject.org/dev/.
This release primarily features several mechanisms to mitigate browser
fingerprinting. This includes chrome/extension presence disclosure,
resolution information, Tor port probing, and user agent and locale
spoofing fixes.
Here is the complete ChangeLog for 1.1.14:
* bugfix: set general.useragent.locale if user wants to spoof an English
browser. This handles navigator.locale
* bugfix: Mask navigator.buildID. Reported by Greg Fleischer
* Initial Firefox 3 work. Functionality still broken due to FF Bug 413682
* bug 580: Resize preferences window to fit in 640x480 displays
* new: Spoof window.screen to mask desktop resolution and resize the
browser to multiples of 50px while tor is enabled.
* new: Block content window access to chrome urls if Tor is enabled,
and hide Torbutton if Tor is disabled. Thanks to Greg Fleischer for
reporting the chrome disclosure issues
* new: Added option to close all opened tabs on a Tor toggle. Useful
for general convenience and also as a backup protection against
Bug 409737.
* new: Add Tor ports to the list of banned ports for Firefox. Should
prevent http-ping based fingerprinting attacks.
* new: Finally add support for automatic updates.
--
Mike Perry
Mad Computer Scientist
fscked.org evil labs