[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #1517 [Tor Browser]: Provide JS with reduced time precision

Subject: Re: [tor-bugs] #1517 [Tor Browser]: Provide JS with reduced time precision
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Fri, 08 May 2015 06:41:28 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 08 May 2015 02:41:37 -0400
In-reply-to: <049.3bb000968c6e57f10a8e340ac5459530@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <049.3bb000968c6e57f10a8e340ac5459530@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#1517: Provide JS with reduced time precision
-------------------------+-------------------------------------------------
     Reporter:           |      Owner:
  mikeperry              |     Status:  needs_review
         Type:           |  Milestone:
  enhancement            |    Version:
     Priority:  major    |   Keywords:  backport-to-mozilla, tbb-torbutton,
    Component:  Tor      |  tbb-fingerprinting-time-highres, ff38-esr,
  Browser                |  TorBrowserTeam201505R, PearlCrescent201505R
   Resolution:           |  Parent ID:
Actual Points:           |
       Points:  10       |
-------------------------+-------------------------------------------------

Comment (by mikeperry):

 Replying to [comment:30 mcs]:
 > Replying to [comment:25 mikeperry]:
 > > Here's a patch that should make all JS clock sources and event
 timestamps have 100ms resolution, except for keypress events, which should
 have 250ms resolution: https://gitweb.torproject.org/user/mikeperry/tor-
 browser.git/commit/?h=bug1517. It also clamps internal usage of
 DOMHighResTimestamps to 1 microsecond, to avoid internal sidechannels and
 other leaks.
 >
 > Kathy and I reviewed this and the changes look OK.  It is hard to say
 what might break though.
 >
 > One question: do you know how the ToMilliseconds() and ToMicroseconds()
 calls inside xpcom/ds/TimeStamp.h are exposed to web content?  Is
 ToSeconds() exposed as well?  If so, we should also reduce the resolution
 of values returned by ToSeconds().

 ToMicroseconds() is exported to content by window.performance.now(). I
 think ToMilliseconds the underlying call to obtain the timesource for
 nsDOMEvents (though at the moment I'm not 100% certain exactly what made
 me believe this, but some casual grepping shows that it is used everywhere
 in the codebase). I didn't touch ToSeconds() because its implementation is
 highly platform dependent, and it is only used in the animation code. It
 did not appear exposed directly to content.

 I will verify all this with deeper inspection tomorrow.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/1517#comment:31>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #15957 [Service - git]: Repo request - user/colin/tb-videos
Next by Author: [tor-bugs] #15959 [- Select a component]: Flat Stomachs Laid Bare
Previous by thread: Re: [tor-bugs] #1517 [Tor Browser]: Provide JS with reduced time precision
Next by thread: Re: [tor-bugs] #1517 [Tor Browser]: Provide JS with reduced time precision
Index(es):
- Author
- Thread