[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #14310 [Tor Browser]: Standard on anonymized browser behaviour
#14310: Standard on anonymized browser behaviour
-----------------------------+----------------------
Reporter: cypherpunks | Owner: tbb-team
Type: task | Status: reopened
Priority: normal | Milestone:
Component: Tor Browser | Version:
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
-----------------------------+----------------------
Comment (by cypherpunks):
Thank you, very interesting article (especially interesting the list of
existing fingerprinters which actually were using the same technology that
I have used in my study), but the approach of mitigation mentioned there
is not very useful.
I have already thought about randomization and found it useless. Because
an adversary can easily avoid this, using repeating. They have proposed to
create a cache of random values, but the cache can be bypassed. For
example in common canvas fingerprinting technique when we hash the image,
the browser can add a random noise to image and cache it. What can we do?
We can generate a different image and use only part of it. Because the
image is different, there will be created a different random noise, which
most likely won't overlap the generated noise, so it can be discarded by
repeating.
In the case of fonts we can run a fingerprinter from different domains of
one service. Because every domain means that new randomization will be
applyed, we will be able to discard randomness and get steady fingerprint.
Also we can use this cache to crash the browser, creating a lot of
fingerprintable features and making the browser to add randomness to them
and cache it.
Also this random cache can be used as identifier.
But one of the ways is to create randomness on start of new anonymous
session and use the same randomness for all the site. So an adversary will
be able to track you between sites, but only limited by one session. Of
course, randomness must be generated by a secure PRG.
So I think that the standard should use both ways.
All the features can be made equal in all the an. browsers must be equal
for all the an. browsers.
Another set of features (we are not ready to make equal) must be
randomized in a way I have described.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/14310#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs