[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Tor Project Idea | GSOC 2015 | Panopticlick | fake fingerprint

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] Tor Project Idea | GSOC 2015 | Panopticlick | fake fingerprint
From: "l.m" <ter.one.leeboi@xxxxxxxx>
Date: Thu, 12 Feb 2015 12:12:43 -0500
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 12 Feb 2015 12:12:58 -0500
In-reply-to: <CAKh+L70mp3OQvnAuAUip-4SfdMcqRAB+kRkp91scwBub11P2eQ@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>

Hi,

For anonymous scraping it could certainly be useful. This poses a problem as far as making Tor Project look as if it supports autonomous anonymous scraping of web data. Ultimately this impression could lead to even more blocking of Tor exits. Another problem with the idea of a randomized fingerprint is that it breaks useability. It might be great for scraping but web sites rely on knowing some of those parameters for proper display. Finally it's worth mentioning that the goal of TBB fingerprinting is to reduce entropy within TBB's user base. A random fingerprint violates this constraint.

I'm not commenting on gsoc eligibility--just that it's an edge case which will lead to blocking of Tor's exits. If more exit get blocked then you cannot scrape.

--leeroy

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Follow-Ups:
- Re: [tor-dev] Tor Project Idea | GSOC 2015 | Panopticlick | fake fingerprint
  - From: Gunes Acar

References:
- [tor-dev] Tor Project Idea | GSOC 2015 | Panopticlick | fake fingerprint
  - From: Rohit Dua

Prev by Author: Re: [tor-dev] [Proposal 241] Resisting guard-turnover attacks [DRAFT]
Next by Author: Re: [tor-dev] RFC: Ephemeral Hidden Services via the Control Port
Previous by thread: Re: [tor-dev] Tor Project Idea | GSOC 2015 | Panopticlick | fake fingerprint
Next by thread: Re: [tor-dev] Tor Project Idea | GSOC 2015 | Panopticlick | fake fingerprint
Index(es):
- Author
- Thread