[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-dev] Tor Friendliness Scanner

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-dev] Tor Friendliness Scanner
From: Kevin Gallagher <kcg295@xxxxxxx>
Date: Mon, 4 Mar 2019 15:58:58 -0500
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 04 Mar 2019 15:59:16 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nyu.edu; h=reply-to : to : from : subject : message-id : date : mime-version : content-type; s=20180315; bh=2+OHlp0q9o707tNAYqD1u1UTQmn1MWY1oSgms7HoALc=; b=MWC3Kczqkcfe3PhQAskjKviQchwF0XhS0ponw+IvixnmApvP1KkP8JptfYhC2IqqOJX5 JHHE3TvsinTtuxnV9r/4Jkg00qoPaNfwbuGH1BIuMFkevP+pgW5nNwCllZzzUh7U8hYK cXoRl2IHRE+/R/rDGTOw8Tn/WBfZY+1YLbze1+f1rD2XF6Usf67Gn7uCFeN/QomYqSYk fDptYDauV9Yoo8fqwkIejVURyqIhJSzW9BI8bGxPV7r4kJug6f941zIAiY2s5/0ZOF/6 RGYGhCPcsSBuRUnxIbOGXag+RfrYg6eh+Vk+GHXjovSG9Xx47nh0dtwdpZDHIq0EbSCi BA==
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nyu-edu.20150623.gappssmtp.com; s=20150623; h=reply-to:to:from:subject:organization:message-id:date:user-agent :mime-version:content-language; bh=2+OHlp0q9o707tNAYqD1u1UTQmn1MWY1oSgms7HoALc=; b=eQDdsmltzcadIG7LnYNyLofDlRQR+d8xfj9AjRZ1c+zNAQSmuTEcZTKT0iMEMMUycX nW7+HMpaVxSC/IfWlraQmyjjS2mN9M0y8bOdNZI8YMhYnVEPRow1ynpxON7DtG/qEW3t xHVRQ8c/E9zTUDlcCj72yWB6R0ziYhMl48QTsZRjyZT+09IHt98pqImBnD8qHd2eKyf5 wttJ8fe5ko1/iJyvB55APmAd+hTaZm3U2WbznGvomrJLA/anWfVN33OAeHNq8PukmHp1 Z/aQLWcOvdUcCbt9qi4QkUVixLAiIwqeQuv2o1v5mMaj3xeYE0cVyCeit24wKlkcRiQq Zd7w==
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
Organization: New York University
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.5.1

Hello tor-dev!

My name is Kevin and I'm a PhD student at NYU. Recently I've been working on creating a "Tor Friendliness Scanner" (TFS), or a scanner that will measure what features of a given website are broken (non-functional) when accessed on the Tor Browser (TB), along with actionable suggestions to improve it. In order to do this, we first must get an approximation of ground-truth data of how a given website should work. We then need to compare it to how the website works on the TB to determine any changes.

To generate a method of determining ground-truth, we decided to modify* the Firefox (FF) browser to log all of the steps of the creation of the Content Tree (also called the DOM tree), and to log the execution of all _javascript_ functions (currently underway). We then will apply these changes to the TB as well, and run a scan of popular Web sites using the modified FF and the modified TB on all three of the TB security slider settings. We will then compare the resulting logs to determine where the tree creation processes differed* and why. These differences could potentially help us illuminate two things:

what functionality issues the Tor Browser encounters on popular Web sites, and
what threats (beyond metadata surveillance) the TB is protecting its users from in-the-wild.

As far as I have considered, this method seems to capture a lot, but it's far from complete. For one thing, it obviously won't detect any difference that's spawned from user interaction or input (such as a script launched by an OnClick event). However, it does seem to make automation of scanning for Tor Friendliness possible, and can allow for wide-scale use.

We have moved ahead with development (though have not yet finished it) and are (hopefully) very close to a working prototype. I was wondering if there was feedback on this method, or if anyone can consider an angle we have not that would either make the TFS more robust, easier to create, or both.

Thanks for your time and consideration!

Kevin

*Note 1: Unfortunately we cannot just rely on _javascript_ for examining the content tree, since this needs to work on all 3 security settings of the TB's security slider, and the "safest" setting deactivates _javascript_ by default on all Web pages.

*Note 2: There can be non-functional differences in Web pages, such as different ads showing or the display of the current time. We are working on methods to distinguish these from functional differences, such as using ad blacklists to determine if a given request or script is part of an ad, and ignoring it as part of the difference between the two trees.

-- 
Kevin Gallagher
Ph.D. Candidate
Center For Cybersecurity
NYU Tandon School of Engineering
Key Fingerprint: D02B 25CB 0F7D E276 06C3  BF08 53E4 C50F 8247 4861

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Follow-Ups:
- Re: [tor-dev] Tor Friendliness Scanner
  - From: Georg Koppen
- Re: [tor-dev] Tor Friendliness Scanner
  - From: grarpamp
- Re: [tor-dev] Tor Friendliness Scanner
  - From: Roger Dingledine
- Re: [tor-dev] Tor Friendliness Scanner
  - From: Santiago Torres-Arias

Prev by Author: Re: [tor-dev] Tor Friendliness Scanner
Next by Author: Re: [tor-dev] Tor Friendliness Scanner
Previous by thread: Re: [tor-dev] Updating Proposal 299 (Preferring IPv4 or IPv6 based on IP Version Failure Count)
Next by thread: Re: [tor-dev] Tor Friendliness Scanner
Index(es):
- Author
- Thread