[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: browser fingerprinting - panopticlick



Andrew Lewman wrote:
> On 01/29/2010 04:36 PM, Michael Holstein wrote:
>>> The main cause was the screen resolution.
> 
> https://blog.torproject.org/blog/effs-panopticlick-and-torbutton
> 
>> Running TOR and leaving javascript enabled sort of defeats the 
>> point, doesn't it?
> 
> Not really.  Most of the websites are useless without javascript 
> enabled.  Torbutton protects against known attacks via javascript 
> (yes there's something to be said about unknown attacks...).
> 

(Sigh)...Exactly right; and add flash to that prerequisite.

As we slowly transition to web 2.0, probably the next step is putting
the TOR browser in a VM full of bogus, randomized userid/sysid/network
information - carefully firewalled to allow TOR access only (TOR would
be running somewhere outside the browser VM).

***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/