
Re: [tor-talk] Making TBB undetectable!



No, you can't just patch in a hardcoded window and screen size unless it reflects the actual viewport size.

JavaScript is often used to position elements using relatively absolute positioning based on the viewport that it understands is correct; this will fail if the viewport vs reported size isn't accurate. More importantly, it won't even work: JavaScript can detect where wrapping happens, and some creative 1 pixel tall transparent images could detect the actual horizontal width by using varying widths.


On 2015-09-26 08:45, aka wrote:
Can't TBB devs just patch in a hardcoded 1366x768 window and screen size
in the JavaScript handler?

Also, if you want true undetectability you need to install a Tor
instance and your OS for TBB in separate VMs and set up the Tor VM to be
a transparent router for your OS, so even if java/flash/exploit is
executed, it doesn't leak your real IP, since even your OS in the VM is
forced through Tor.
The FBI used an old Firefox exploit to execute native code and did plain
IP requests to uncover users. In that configuration they would need an
additional VM escape exploit, which raises the cost exponentially.

behnaz Shirazi wrote:
In many different cases TBB users have to be undetectable (bypassing
flags, escaping from deep investigations, confusing malicious iframes
etc etc) when traffic flows through custom Tor exit nodes or even
when traffic flows directly just for the privacy TBB offers at client
side compared to plain Firefox.


TBB has a distinguishable User-Agent and screen size that can be
easily changed to something more common but it also has other
fingerprints that are hard to change, such as timezone=0 or
navigator.plugins=none or some dialogs [1] [2]. And TBB has even more
fingerprints that we are not aware of yet.


Can someone please teach Tor users how to modify the source code and
compile a custom build or create browser Add-ons that subvert these
detection methods? There must be an option for those who urgently
(...) need undetectability and it doesn't require much effort to make
that happen.


[1]: https://www.browserleaks.com/canvas
[2]: https://www.browserleaks.com/firefox



--
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren


--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
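
The consistency problem raised in the reply above, as an added example (not code from the thread or from Tor Browser): a check that anyone evaluating a size-spoofing patch could run to see whether the reported width still agrees with where layout actually wraps. The function names, the 1-pixel probe markup and the 20-pixel scrollbar tolerance are assumptions made for this sketch; the simulated probe is a constructed stand-in so the check also runs outside a browser.

```javascript
// Added example, not from the thread. Binary-search the width at which a probe
// stops fitting on one line, then compare it with the width the browser reports.

// Largest w in [0, maxWidth] for which fits(w) is true. `fits` must be
// monotonic: true up to the real line width, false beyond it.
function measureLayoutWidth(fits, maxWidth = 16384) {
  let lo = 0, hi = maxWidth;
  while (lo < hi) {
    const mid = Math.ceil((lo + hi) / 2);
    if (fits(mid)) lo = mid; else hi = mid - 1;
  }
  return lo;
}

function checkViewportConsistency(reportedWidth, fits, tolerance = 0) {
  const measuredWidth = measureLayoutWidth(fits);
  return { reportedWidth, measuredWidth,
           consistent: Math.abs(measuredWidth - reportedWidth) <= tolerance };
}

// Browser probe (assumes standard inline-block wrapping; call after <body> exists).
// A 1px lead box and a (w-1)px probe box share a line only if w fits in it.
function makeDomProbe(doc) {
  const line = doc.createElement('div');
  line.style.cssText = 'position:absolute;left:0;top:0;width:100%;visibility:hidden;font-size:0';
  const lead = doc.createElement('span'), probe = doc.createElement('span');
  for (const s of [lead, probe]) s.style.cssText = 'display:inline-block;height:1px;vertical-align:top';
  lead.style.width = '1px';
  line.append(lead, probe);
  doc.body.append(line);
  return (w) => {
    if (w <= 1) return true;
    probe.style.width = (w - 1) + 'px';
    return probe.offsetTop === lead.offsetTop; // same offsetTop: no wrap happened
  };
}

// Constructed stand-in for a layout engine whose real line width is realWidth.
function makeSimulatedProbe(realWidth) { return (w) => w <= realWidth; }

if (typeof document !== 'undefined') {
  // 20px tolerance is an assumed allowance for a vertical scrollbar.
  console.log(checkViewportConsistency(window.innerWidth, makeDomProbe(document), 20));
} else {
  // Constructed case: reported 1366 while layout really wraps at 1000.
  console.log(checkViewportConsistency(1366, makeSimulatedProbe(1000)));
}
```

A hardcoded value passes this check only when the window really is that wide, which is the point the reply makes.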