Thus spake tagnaq (tagnaq@xxxxxxxxx):

> > Wouldn't this (or some of the other header settings) allow the
> > recipient or general public (if a mailing list post) to learn that
> > a person was using TorBirdy?
>
> I don't think that Sukhbir and Jake aim for an undetectable TorBirdy,
> but as soon as another email client has also an extension like
> TorBirdy and agrees on the same header field settings I guess it
> wouldn't be easy to determine the client in use by looking at the
> header. The MSA would very likely still have the "power" to determine
> the client (version).
>
> > I hate to say it, but "What's the threat model?"
>
> My threat model is described on page 6 of the following paper:
> http://bit.ly/qDZm7C

This is an awesome doc. Is this sourced from latex? Is it possible to
output an html version somehow, too? I find the pdf format heavy and
unnerving from a security perspective..

> > Is that important? It seems like it would be. As an example, go
> > through this thread, and see whose reply header is of the form "On
> > X, Y wrote:" and now you know who's not running the latest
> > version.
>
> I'd consider it as important to have all torbirdy "stable" users in
> one anonymity set as soon as there is a feature complete stable
> version. I consider the current version as experimental.

Hrmm. Actually, if we can avoid revealing this anonymity set explicitly
to mailing lists and recipients, I think that might be a worthy goal.
The primary reason we don't bother with it on Tor Browser is because
tor exits are meant to be discoverable (with a useful secondary reason
being to take Mozilla to school).

Since Tor IPs are often absent from mailing list headers if the SMTP
server(s) are not run by a total jerk, can we figure out a way to look
more common? What's wrong with using the Thunderbird default locale
string for the quotation here? If you're posting on a mailing list
where discussion occurs in only one human language, shouldn't you be
using that same localization for your mail client? For multilingual
users, can we solve that problem a different way, perhaps by a
localization dropdown menu or something?

I agree this is a tricky issue.. I could see this choice a few
different ways. I just want to make sure we don't unnecessarily
explicitly expose the user agent to a mailing list unless we really
have to. Doing so can lead to targeted attacks...

-- 
Mike Perry
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
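The exposure discussed in this thread (client-naming headers and the shape of the reply attribution line), as an added example that is not part of the original message or of TorBirdy: a small audit of an outgoing message for features that narrow down the sending client. The attribution patterns, the `ExampleMail/1.0` value and both sample messages are constructed assumptions.

```python
import re
from email import message_from_string

# Headers that name the sending client outright.
CLIENT_HEADERS = ("User-Agent", "X-Mailer")

# Attribution-line shapes, checked in order. The first is the "On X, Y wrote:"
# form quoted in the thread; the second is a constructed alternative. These
# patterns are assumptions for illustration, not a catalogue of real clients.
ATTRIBUTION_STYLES = {
    "on-date-wrote": re.compile(r"^On .+ wrote:\s*$"),
    "name-wrote": re.compile(r"^\S.* wrote:\s*$"),
}

def text_parts(msg):
    """Yield the decoded text/plain parts of a parsed message."""
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            data = part.get_payload(decode=True) or b""
            yield data.decode(part.get_content_charset() or "utf-8", "replace")

def client_markers(raw):
    """Return (kind, name, value) tuples for features that narrow down the client."""
    msg = message_from_string(raw)
    found = [("header", h, v) for h in CLIENT_HEADERS for v in msg.get_all(h, [])]
    for text in text_parts(msg):
        for line in text.splitlines():
            if line.startswith(">"):  # skip text quoted from earlier posters
                continue
            for style, pattern in ATTRIBUTION_STYLES.items():
                if pattern.match(line):
                    found.append(("attribution", style, line.strip()))
                    break
    return found

# Constructed sample messages (not taken from the thread).
SAMPLE_A = """\
From: alice@example.org
Subject: Re: test
User-Agent: ExampleMail/1.0

On Mon, 1 Jan 2012, Bob wrote:
> quoted text

reply text
"""
SAMPLE_B = "From: carol@example.org\nSubject: Re: test\n\nBob wrote:\n> quoted text\n\nreply text\n"

if __name__ == "__main__":
    for name, raw in (("A", SAMPLE_A), ("B", SAMPLE_B)):
        print(name, client_markers(raw))
```

Two messages that return different marker lists fall into different sets for anyone reading the list archive, which is the split the thread is trying to avoid.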