[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #31512 [Applications/Tor Browser]: Fingerprinting of Tor Browser

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #31512 [Applications/Tor Browser]: Fingerprinting of Tor Browser
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Thu, 19 Sep 2019 03:06:09 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 18 Sep 2019 23:06:20 -0400
In-reply-to: <049.3f0f00a2bd3152c4b32080a52f62696f@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <049.3f0f00a2bd3152c4b32080a52f62696f@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#31512: Fingerprinting of Tor Browser
--------------------------------------+--------------------------
 Reporter:  thelamper                 |          Owner:  tbb-team
     Type:  enhancement               |         Status:  closed
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Major                     |     Resolution:  invalid
 Keywords:                            |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------

Comment (by thelamper):

 Is everyone here aware of this cross-browser fingerprinting method?
 http://uniquemachine.org/
 #
 More info available here :
 https://arstechnica.com/information-technology/2017/02/now-sites-can-
 fingerprint-you-online-even-when-you-use-multiple-browsers/
 http://yinzhicao.org/TrackingFree/crossbrowsertracking_NDSS17.pdf

 If this is already discussed point me to the relevant ticket.

 Disabling javascript is the obvious defense to this. webGL is already
 disabled by default in the Tor Browser, so all ok there right? disabling
 the microphone is another measure to take. i cant see that WindowsOS has
 the option to disable speakers aside from turning the volume down to 0 for
 all apps (or for just for the Tor Browser). is running the Tor Browser in
 a virtual machine or in Tails a bit overkill to be absolutely sure of
 preventing cross-browser fingerprinting?

 I tested the uniquemachine.org webpage on the Tor Browser on my device and
 it got stuck on 'fingerprinting GPU' and the display of graphics. probably
 due to webGL disabled but i cant be certain.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31512#comment:14>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #31372 [Core Tor/Tor]: Appveyor and Travis should use "make -k"
Next by Author: Re: [tor-bugs] #23811 [Applications/Tor Browser]: Investigate MinGW commit for create_locale thing
Previous by thread: Re: [tor-bugs] #31512 [Applications/Tor Browser]: Fingerprinting of Tor Browser
Next by thread: [tor-bugs] #31774 [Webpages/Website]: "#board" anchor on people page doesn't work
Index(es):
- Author
- Thread