[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Making TBB undetectable!


The various bits that define your fingerprint.

Basically, the countermeasure against such behavior is
to stick a cookie with an hash of your fingerprint
to your browser and deny you, as soon as it no longer

Yes, but discrimination is unsupported and avoidable.

If you try to spoof

No spoof.

If you'd read the TBB design doc,

Quite the presumption :(

you'd understand that the
choice that was made, using a pretty real and pretty common
user-agent, and some measures were added.

And as a result, Tor Browser owns up to its ID with no spoofing, as Tor Browser users appear a Tor Browser users.

using tor to connect
to another semi-public entity (like an open proxy)

The only case, were that makes sense to me is for trolling sites

Or using the internet. What if the OP is tired of being rejected from visiting sites due to IP badlists and uses said proxy to appear like a clearnet user so as not to be restricted. Google products (except for Google Images) require this. Ix Quick and Startpage feature this.

if you are so unhappy with TBB.

Again with the presumptions :(:(

The demanded


feature makes
absolutely no sense for a TBB usecase or threatmodel.

Will you link to the use cases and threat models in the documentation?

You fail to understand

Fail often to succeed sooner :)

My thought is that this is being mentioned in multiple places and, if there is any merit to undetectability, we should challenge it fully to see; not settle with what we have and use "good enough" as an argument. I suggested a formal proposal as the next step.


tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to