[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #17207 [Tor Browser]: Testing navigator.mimeTypes for known names can reveal info and increase fingerprinting risk

Subject: Re: [tor-bugs] #17207 [Tor Browser]: Testing navigator.mimeTypes for known names can reveal info and increase fingerprinting risk
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Fri, 30 Oct 2015 21:27:57 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 30 Oct 2015 17:28:06 -0400
In-reply-to: <053.727af6af4284f4a552b39aeea3525c93@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <053.727af6af4284f4a552b39aeea3525c93@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#17207: Testing navigator.mimeTypes for known names can reveal info and increase
fingerprinting risk
-------------------------------------------------+-------------------------
 Reporter:  TemporaryNick                        |          Owner:
     Type:  defect                               |  arthuredelstein
 Priority:  High                                 |         Status:
Component:  Tor Browser                          |  needs_review
 Severity:  Major                                |      Milestone:
 Keywords:  tbb-fingerprinting,                  |        Version:
  TorBrowserTeam201510R                          |     Resolution:
Parent ID:                                       |  Actual Points:
  Sponsor:                                       |         Points:
-------------------------------------------------+-------------------------

Comment (by gk):

 This looks okay to me and I merged cherry-picked the commits onto tor-
 browser-38.3.0esr-5.5-2. One question: Is there any reason why you did not
 add ` ||ResistFingerprinting()` to any `!AllowPlugins()`? I guess only
 those where you added them are fingerprinting relevant? I wonder if that
 is going to lead into some confusion though: there may be things doable
 with plugins if you have fingerprinting defenses enabled (and are allowing
 plugins) and other things only if you have them disabled. Or are there no
 such things? I know there are a bunch of users that (need to?) enable
 Flash but maybe we just don't care about them too much here.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17207#comment:18>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #17207 [Tor Browser]: Testing navigator.mimeTypes for known names can reveal info and increase fingerprinting risk
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #17305 [Tor Browser]: Make our Gitian setup able to build hardened Linux bundles (64bit)
Next by Author: Re: [tor-bugs] #17207 [Tor Browser]: Testing navigator.mimeTypes for known names can reveal info and increase fingerprinting risk
Previous by thread: Re: [tor-bugs] #17207 [Tor Browser]: Testing navigator.mimeTypes for known names can reveal info and increase fingerprinting risk
Next by thread: Re: [tor-bugs] #17207 [Tor Browser]: Testing navigator.mimeTypes for known names can reveal info and increase fingerprinting risk
Index(es):
- Author
- Thread