[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #13021 [Tor Browser]: Review Canvas APIs for fingerprintability
#13021: Review Canvas APIs for fingerprintability
-------------------------+-------------------------------------------------
Reporter: | Owner: brade
mikeperry | Status: assigned
Type: task | Milestone:
Priority: major | Version:
Component: Tor | Keywords: ff31-esr, tbb-fingerprinting,
Browser | TorBrowserTeam201409
Resolution: | Parent ID:
Actual Points: |
Points: |
-------------------------+-------------------------------------------------
Comment (by gacar):
Cool, seems all Canvas API methods are in a competition to be the most
fingerprintable!
I got matching results with you, i.e. my FF 32 matched your FF 31, my Tor
Browser matched yours.
I think this may get really scary if we observe different fingerprints for
the same TBB version on different machines (with the same OSes).
Until seeing that, I will believe that Tor Browser is ok with this attack.
Since the diversity should be due to the drawing target (cairo SW, common
for TBB users) which does the transformation and boundary calculation:
https://mxr.mozilla.org/mozilla-
esr31/source/content/canvas/src/CanvasRenderingContext2D.cpp#898
https://mxr.mozilla.org/mozilla-
esr31/source/content/canvas/src/CanvasRenderingContext2D.cpp#3110
Being said that, I think that really worth testing!
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13021#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs