[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Audio fingerprinting

To: "tor-talk@xxxxxxxxxxxxxxxxxxxx" <tor-talk@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [tor-talk] Audio fingerprinting
From: Jonathan Wilkes <jancsika@xxxxxxxxx>
Date: Fri, 3 Jun 2016 22:47:12 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 03 Jun 2016 18:47:30 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1464994033; bh=oC699goRNXlkxbI530JkyS1LFTQXahNcUZgtj4BUQEY=; h=Date:From:Reply-To:To:In-Reply-To:References:Subject:From:Subject; b=uObPmWm6XDkqUzpVxDgBRzCbemgmSm6moBi8iNu58dLV81mXhJnB9rxrTzrl+23GM+sFDSFBg3DfLlkL/SW9CQOYyMHv84JwOZLklTVVl0UlU8zNW5vgu6LOVXgM3AjzX7VpuIwEr0RCM0tCg0gVkmkprhHuV2cItzlOJUqFhifCLxQZ9nnIynp2fCdxWAZbpM5Ou0cr9x9VG/cog/ybAOtVcUo97sfgoXu7ZsvzHNqoG1f4GArDK0uDVnl2xcrKgs5kraf+G2glhTYjYGlNMo22ZVLfkUB4H6ZFbQN5HfyMwLmn563axSU87IJhc91es/fKTUV8yPGzcjzelSV9Qg==
In-reply-to: <5751F91D.1010001@xxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <57469666.2050200@xxxxxxxxxx> <574e93a5.c6278d0a.fa22.ffffd931@xxxxxxxxxxxxx> <5751F91D.1010001@xxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

> So itâs not collecting sound played or recorded on a machine but rather harvesting the audio signature of the individual machine and using that as an identifier to track a web user.
"Audio signature" seems a bit broad.Â From what I can tell it could be doing 
about three things:1) Fingerprint the browser by looking at the antialiasing method its 
audiocontext implementation uses2) If the browser is branching the antialiasing method based on the 
machine/processor/etc., then the miner can infer that by looking at the output.3) Measuring the time it takes the machine to generate the output.
It's a javascript api, and if you have javascript turned on there are already 
way easier ways to get #1 and #2.Â Plus I doubt #3 would ever be the 
determining factor in positively ID'ing a machine.
But it's still another bit of data.Â When GCC adds a line to output a caret 
showing the exact column where an error starts, I go, "Oh, that's very nice!" 
I'm sure the folks at the other end of your request do the same.
-Jonathan
 
 
    

 On Friday, June 3, 2016 5:40 PM, "mrnobody@xxxxxxxxxx" <mrnobody@xxxxxxxxxx> wrote:
 

 Actually meant if some of you anon folks knew if it was possible to
perform this deanonymisation without javascript. The "fuck javascript"
part that i know :)

juan:
> On Thu, 26 May 2016 06:23:34 +0000
> "mrnobody@xxxxxxxxxx" <mrnobody@xxxxxxxxxx> wrote:
>
>
>> uses fingerprintjs2 library.
>>
>> Any thoughts?
> ÂÂÂ fuck javascript?
>
>


-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk


  
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- Re: [tor-talk] Audio fingerprinting
  - From: juan
- Re: [tor-talk] Audio fingerprinting
  - From: mrnobody@xxxxxxxxxx

Prev by Author: Re: [tor-talk] Question for those who say "Tor is pwned"
Next by Author: Re: [tor-talk] Tor (and other nets) probably screwed by Traffic Analysis by now
Previous by thread: Re: [tor-talk] Audio fingerprinting
Next by thread: Re: [tor-talk] Audio fingerprinting
Index(es):
- Author
- Thread