[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Making TBB undetectable!

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-talk] Making TBB undetectable!
From: Spencer <spencerone@xxxxxxxxxxxxxxx>
Date: Mon, 05 Oct 2015 00:25:53 -0700
Authentication-results: mail2.openmailbox.org; dkim=none reason="no signature"; dkim-adsp=fail (unprotected policy); dkim-atps=neutral
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 05 Oct 2015 03:26:06 -0400
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=openmailbox.org; s=openmailbox; t=1444029952; bh=ssojoNH+YBfgbOXb800+Cw1USfly1O+6VTKKjIfn06E=; h=Date:From:To:Subject:In-Reply-To:References:From; b=v1dMbTdsvc9W7i02EPdrQgAJV87regHhMNTfU3U5bz5wa9F0Bw8JWUrkzntDgyrXM MhieoeYrNzG9urVOJykB4OVJEq6rO37uc4mgxrY+zIpoePG/bBypyOztB2W0PXDMga nOfaVquvdqVjtOvp7xzBFn0qPfu4iG+FLjeHm1Ks=
In-reply-to: <CABMkiz4prBsatyCz=WZx-6jucUiq3n2_Ox5upDOeH4KCxs1MMw@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <CAKcCSXohYs-2CiRiaMpObDkvvRRhOg23YDnOZA+wr6+=+1kqRw@xxxxxxxxxxxxxx> <CABMkiz6_nnMpghj-Q4yxKZHKhAdEschZAMybGC_JHjxVR_aJWw@xxxxxxxxxxxxxx> <CAKcCSXrv9iDswGGwmBdRvv6Z06zURAVS3V6Yox-wT_RJFscH=g@xxxxxxxxxxxxxx> <CABMkiz4prBsatyCz=WZx-6jucUiq3n2_Ox5upDOeH4KCxs1MMw@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Roundcube Webmail/1.0.6

Hi,

Spencer:
Is a 'Natural Fingerprint' like a clearnet fingerprint, in that itidentifies you asa regular, >non-tor, internet user, making you part of the largerherd?
behnaz Shirazi:
I don't understand what do you mean by âclearnet fingerprintâ ?

I have been defining fingerprint as any bit of info that can identifyyou, which can be any number of things. I have been defining clearnetfingerprint as the identifying bit of info defining someone as aclearnet user, such as a common User Agent.


Fingerprint is generated locally inside the browser, it is about TBB
not the onion routers.

This would be a Tor Browser fingerprint, but I understand you meanfingerprinting of Tor Browser to differentiate between Tor Browserusers.


Connecting to a website directly or via a
public Tor exit node as proxy gives one bit of information (true or
false flag) to destination website but we don't include this bit in
the fingerprinting attack.


By choice, though, yeah?  It still seems valuable.

I see this as a blocker, as this add-on is most likely detectable,yeah?


As far as I know you can't fetch installed Add-ons by javascript, it
only works for plugins. Detecting
Add-ons is done by side channel attacks.

We just change details a browser return to calls in a way that caller
can't recognize it is telling the truth or not.
of course it
won't cause a detection if user choose a mobile device profile


Interesting.

You should draft this into a proposal, with some visuals of theinterface and experience flows, and submit it to the list in search fora developer, unless you can bust this out yourself? I can help anywaythat I can. If you are interested, hit me up off-list.

Otherwise, unless there is something more tangible, I feel like peoplewill keep arguing that Tor is fine as-is :)


Wordlife,
Spencer

--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- [tor-talk] Making TBB undetectable!
  - From: Spencer

References:
- Re: [tor-talk] Making TBB undetectable!
  - From: behnaz Shirazi
- Re: [tor-talk] Making TBB undetectable!
  - From: Ben Tasker
- Re: [tor-talk] Making TBB undetectable!
  - From: behnaz Shirazi
- Re: [tor-talk] Making TBB undetectable!
  - From: Ben Tasker

Prev by Author: [tor-talk] Accessing Cloudflare sites on TBB
Next by Author: [tor-talk] Making TBB undetectable!
Previous by thread: Re: [tor-talk] Making TBB undetectable!
Next by thread: [tor-talk] Making TBB undetectable!
Index(es):
- Author
- Thread