Hi! Yes this is really interesting, I think I came across the same article weeks ago. Looking forward to those studies mentioned by Georg. Thanks! On 08/20/2015 12:44 PM, Georg Koppen wrote: > flapflap: >> Hi! >> >> (I didn't find this topic discussed here yet and I think it might be >> interesting) >> >> the article >> >> http://arstechnica.com/security/2015/07/how-the-way-you-type-can-shatter-anonymity-even-on-tor/ >> says that apparently it's possible to deanonymise Tor users by analysing >> their keystrokes in input fields of websites. >> >> Is it valid to assume that such a technique is possible to be deployed >> by, for example, cloudflare? (needs JavaScript, has an input field) >> (or is it required for learning to always enter the same text by the >> same user?) >> >> Is there need for modifications in the Tor Browser Bundle/upstream Firefox? > We already patch Tor Browser to reduce the precision of keypress events. > See: https://bugs.torproject.org/1517. It would be nice to see a study > that evaluates whether this is effective or not and if not, why not. > Anyway, there is still something to do in this area: > https://bugs.torproject.org/16110. > > Georg > > > >
Attachment:
signature.asc
Description: OpenPGP digital signature
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk