Re: [tor-bugs] #17207 [Tor Browser]: Testing navigator.mimeTypes for known names can reveal info and increase fingerprinting risk
#17207: Testing navigator.mimeTypes for known names can reveal info and increase
fingerprinting risk
-------------------------------------------------+-------------------------
 Reporter: TemporaryNick                         | Owner: arthuredelstein
 Type: defect                                    | Status: needs_review
 Priority: High                                  | Milestone:
 Component: Tor Browser                          | Version:
 Severity: Major                                 | Resolution:
 Keywords: tbb-fingerprinting,                   | Actual Points:
   TorBrowserTeam201510R                         |
 Parent ID:                                      | Points:
 Sponsor:                                        |
-------------------------------------------------+-------------------------
Changes (by arthuredelstein):

 * keywords: tbb-fingerprinting, TorBrowserTeam201510 =>
   tbb-fingerprinting, TorBrowserTeam201510R
 * status: assigned => needs_review

Comment:

It turns out that the mimeTypes list in Firefox comes from two sources:
(1) plugins and (2) applications installed on the system. I considered
writing a fixed spoof list of mimeTypes, but it was not clear to me which
mimeTypes, if any, should be included in such a list.

At this point, Tor Browser strongly discourages the use of plugins (and
makes them click-to-play). So it probably makes sense to make the
navigator.plugins object appear to be empty to content pages and not show
any plugin-associated mimeTypes. This might in principle break a site that
requires Flash, but as we (and Mozilla) are discouraging the use of Flash,
I'm inclined not to spoof the presence of a "Flash" plugin. Especially as
spoofing the presence of Flash might prevent a JS fallback on some sites.

For applications, I think it is reasonable to force websites to assume
that any file will be downloaded rather than opened by a helper app.

So, given these conclusions about plugins and applications, I decided to
make navigator.mimeTypes appear empty to content pages as well. But I'm
open to further discussion.

I bound this behavior to the "privacy.resistFingerprinting" pref, which
will hopefully make Mozilla more amenable to accepting it.

The following branch has two commits for review: the implementation and a
regression test:
https://github.com/arthuredelstein/tor-browser/commits/17207+1

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17207#comment:13>
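
An added example, not part of the original message and not the regression test from the linked branch: a check of what a navigator-like object still reveals through navigator.plugins and navigator.mimeTypes, covering both the reported length and the lookups by known name that the ticket title describes. The probe list, the makeMockList helper and the three mock objects are constructed for illustration.

```javascript
// Constructed list of MIME type names to test; not taken from the ticket.
const PROBE_TYPES = [
  "application/pdf",
  "application/x-shockwave-flash",
  "application/x-java-applet",
];

// Hypothetical helper: builds a MimeTypeArray/PluginArray-like mock.
// reportedLength lets a mock claim to be empty while names still resolve.
function makeMockList(names, reportedLength = names.length) {
  const list = { length: reportedLength, namedItem: (n) => list[n] || null };
  names.forEach((name, i) => { list[i] = list[name] = { type: name }; });
  return list;
}

// Returns one finding per observable difference from "appears empty".
// In a page, call auditExposure(navigator) from the console.
function auditExposure(nav, probeTypes = PROBE_TYPES) {
  const findings = [];
  for (const prop of ["plugins", "mimeTypes"]) {
    const list = nav[prop];
    if (list == null) {
      // Absence is itself distinguishable from an empty list.
      findings.push(`${prop}: absent`);
      continue;
    }
    if (list.length !== 0) findings.push(`${prop}: length ${list.length}`);
    if (list[0] != null) findings.push(`${prop}: index 0 resolves`);
  }
  const mimeTypes = nav.mimeTypes;
  if (mimeTypes != null) {
    for (const type of probeTypes) {
      // Check both property access and namedItem(); hiding length alone is not enough.
      const hit = mimeTypes[type] != null ||
        (typeof mimeTypes.namedItem === "function" && mimeTypes.namedItem(type) != null);
      if (hit) findings.push(`mimeTypes: "${type}" resolves by name`);
    }
  }
  return findings;
}

// Constructed mocks: fully empty, length hidden but names resolving, unprotected.
const EMPTY_NAV = { plugins: makeMockList([]), mimeTypes: makeMockList([]) };
const HALF_SPOOFED = { plugins: makeMockList([]), mimeTypes: makeMockList(["application/pdf"], 0) };
const UNPROTECTED = {
  plugins: makeMockList(["Shockwave Flash"]),
  mimeTypes: makeMockList(["application/pdf", "application/x-shockwave-flash"]),
};
```

An empty result means the object looks empty to content; the HALF_SPOOFED mock shows why a zero length on its own does not satisfy the check.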