[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #13018 [Applications/Tor Browser]: Math routines are OS fingerprintable
#13018: Math routines are OS fingerprintable
-------------------------------------------------+-------------------------
Reporter: mikeperry | Owner: tbb-
| team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: tbb-fingerprinting-os-version, | Actual Points:
ff31-esr |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by yawning):
A few notes:
* A quick check with the browser console gives me the impression that
simple JS math expressions are evaluated with 64 bit intermediaries (as
opposed to 80 bit). I am uncertain about the JS JIT behavior. `(1.0 +
Number.EPSILON * 0.5) + Number.EPSILON * 0.5`)
* Assuming calls are made to libm (or equivalent) blindly, the results on
each system are library version and implementation dependent. A
particularly egregious example would be the output of `double sin(double
x);` being flat out wrong for glibc < 2.19 for certain values. MS's VC++
runtime is less wrong for a different set of certain values, but is still
wrong. This probably applies to most transcendental functions.
* Even if we fix the JS that calls into libm, higher level apis that just
happen to do math are not guaranteed to give the correct results,
depending on how the native code it's called into is written or built. If
we can assume that x87 is never used at all, then we'd still need to check
for things like ` rsqrtss`.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13018#comment:26>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs