[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-talk] Making TBB undetectable!
The problem you have there, is what to randomize,
The various bits that define your fingerprint.
but natural's hard to fake
No need to spoof traffic if using real fingerprint variables.
When we're talking about making the browser unidentifiable as TBB, the
act of having something in the fingerprint that changes to prevent
correlation between sessions provides an avenue by which it can be
identified as TBB:
I feel like behavior will address the examples for this argument.
Making people blend into the crowd of regular internet users is best
only if we resolve the traffic source; i.e., Tor exits.
That's quite an issue to solve though. [Attackers can] map out Tor
True, but we can come up with other ideas than using the public Tor
the aim isn't to hide that you're using Tor
from your destination, and successfully doing so would (IMO) be a
But it is, and I agree :)
Those are a list of the requests we know are differentiators, it
mean that others won't be discovered, you'd need to gamble that
found is publicly disclosed when it's found, rather than kept quiet by
But this is the case for everybody everywhere.
What you're essentially asking for is a browser that behaves
like TBB (i.e. the various privacy protections) whilst pretending it
behaves like a Google Nexus (for example). It's not that it'd be
to do, but one tiny mistake or oversight takes you straight back to
finger-printable, and almost uniquely so if very few are using
With the fingerprint, isn't it only valuable over multiple sessions, and
if others aren't also using that same ID?
So, you can fairly easily poll for various add-ons. Not sure it'd
your add-on, but seemed worth mentioning.
I don't see this being an add-on as much as being in the settings
options (which can probably be detected?) where the User Agent is
located. The User Agent would be a nice way to simplify the various
The IDs can be open-source and added to other browsers as a standard way
of providing detectability.
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to