[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: browser fingerprinting - panopticlick

To: or-talk@xxxxxxxxxxxxx
Subject: Re: browser fingerprinting - panopticlick
From: 7v5w7go9ub0o <7v5w7go9ub0o@xxxxxxxxx>
Date: Sat, 30 Jan 2010 20:40:35 -0500
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Sat, 30 Jan 2010 20:41:26 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:references:in-reply-to; bh=IppMawqug0wRpMB6GeQ4qsNKiXNvh40i6BUu7v5yUyI=; b=d4BIbSco6378KNI7fGeSuKcVseGIh89b9n2Oth7n5+9duAFxUSHKnWMsurZYDJGFpw D3KUlA8si08HjEHSWBXCCZJYsMzV/SXlirkkV8Mkwixd+7cNFz7L/i7/z5/1cd+b1FwW dSxAPAYTXy2g33FS5etjYQrXe5RbJddierr+M=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:references:in-reply-to; b=SRO8ZDWX22phSrETIg4WXFtXztLCUVLBP9absZeB6YqOwENTFfPi7fmyXNH6VrtLIE mHfE8JIyMngg6KdiqZ1+NG2vUrE121+bxdFAsriV0HtcgdkBoctst8ErfPSpdU7XULim EyRw1B+AGvoY2MMQuKlgUcNCT4r/D8NMrV8Jw=
In-reply-to: <20100131012101.GF23393@xxxxxxxxxx>
References: <4ef5fec61001271330i381cfc99i632a97b7cc820e3b@xxxxxxxxxxxxxx> <20100128210450.GD23393@xxxxxxxxxx> <hk2f6a$obb$1@xxxxxxxxxxxxx> <4B64D000.9050001@xxxxxxxxx> <20100131012101.GF23393@xxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

Mike Perry wrote:
[]
> 
> The reason why Torbutton didn't opt for the same origin policy method
>  is because Tor exit nodes can impersonate any non-https origin they
>  choose, and query your history or store global cache identifiers
> that way. It was basically all or nothing for us.

Ah......... makes sense.

> 
> But yes, it would be nice if Colin Jackson and company kept 
> SafeHistory and SafeCache updated for regular users. Sadly they seem
>  to have forgotten about it. I wonder if anyone will make a fork and
>  update it.
> 
IIRC, they were also concerned about the "wild west" of FF internal
extension management - that a bad guy can wreak havoc in there (of course,
Torbutton has done that to our benefit :-) ).

Given the implications of panopticlick, have you any interest/plans in
making Torbutton fingerprints even more indistinguishable (e.g. give
every user a windows I.E. fingerprint)

***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/

Follow-Ups:
- Re: browser fingerprinting - panopticlick
  - From: Andrew Lewman

References:
- browser fingerprinting - panopticlick
  - From: coderman
- Re: browser fingerprinting - panopticlick
  - From: Mike Perry
- Re: browser fingerprinting - panopticlick
  - From: scar
- Re: browser fingerprinting - panopticlick
  - From: 7v5w7go9ub0o
- Re: browser fingerprinting - panopticlick
  - From: Mike Perry

Prev by Author: Re: browser fingerprinting - panopticlick
Next by Author: Re: browser fingerprinting - panopticlick
Previous by thread: Re: browser fingerprinting - panopticlick
Next by thread: Re: browser fingerprinting - panopticlick
Index(es):
- Author
- Thread