[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Spoofing a browser profile to prevent fingerprinting

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-talk] Spoofing a browser profile to prevent fingerprinting
From: Craw <paulus.smirnov@xxxxxxxxx>
Date: Sat, 26 Jul 2014 22:14:28 +0400
Authentication-results: smtp1h.mail.yandex.net; dkim=pass header.i=@xxxxxxxxx
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 26 Jul 2014 14:26:43 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1406398480; bh=oxOl8oAumYW3Aun5XSaj0b0lXINw+5fzk8vouxgZm1Y=; h=Message-ID:Date:From:User-Agent:MIME-Version:To:Subject: X-Enigmail-Version:Content-Type:Content-Transfer-Encoding; b=mukohsj1bixIdSlYCeWK3Keg761Y2CBAkw6TT6sRxZ6Rs0xv9TB7NVSkBvYX9e/TN eLzcOj/AjiTUOgKOBxI0Ed06LBerkp4qLlPe1gF/RZd8OotEEFG7VGkrG7ORVHk3KP 1/S9xdl23mALqTJddz8AE+JfqcxrAjs7846QjD+c=
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Thunderbird/24.5.0

Hello everybody,

You know, there are some various methods of fingerprinting a browser.
Plugins and plugin-provided information are still the most useful in
uniquely identifying a browser, but there are also some other
information that can be used to fingerprint a Tor user, like user
agent, screen resolution, time zone, etc.

I think it can be helpful to spoof real browser profile to random
temporary one. Each browser profile includes user-agent (browser
name/version), platform (OS name/version), screen resolution, time
zone (depends on country of an exit-relay, so, perhaps, mismatch of it
can cause suspicion?). So, my suggestion is to generate random browser
profile during each identity session, or randomly switch them after a
chosen period of time has expired. By making this, some important info
about users will be unreachable for an attacker and fingerprinting
will be more difficult.
Here's a link on open-source repository of Firefox add-one which code
we can use for Tor Browser -
https://github.com/dillbyrne/random-agent-spoofer

Also I suggest to:
- forbid HTML5 Canvas by default
(http://cseweb.ucsd.edu/~hovav/dist/canvas.pdf)
- use only standard font set (can be used for fingerprinting)
- set network.http.sendRefererHeader value "0" by default (allows
sites to track referer, but some sites can be broken! add ability to
switch on/off referer?)

Let me know about your thoughts,
Looking forward to hear from you, Pavel.

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Spoofing a browser profile to prevent fingerprinting
  - From: ideas buenas
- Re: [tor-talk] Spoofing a browser profile to prevent fingerprinting
  - From: Sebastian G. <bastik.tor>

Prev by Author: Re: [tor-talk] [liberationtech] data mine the snowden files [was: open the snowden files]
Next by Author: Re: [tor-talk] Spoofing a browser profile to prevent fingerprinting
Previous by thread: Re: [tor-talk] EFF / applied law mailing list?
Next by thread: Re: [tor-talk] Spoofing a browser profile to prevent fingerprinting
Index(es):
- Author
- Thread