[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Profiling Tor users via keystrokes



On Thu, 30 Jul 2015 16:36:15 -0700, flapflap <flapflap@xxxxxxxxxx> wrote:
http://arstechnica.com/security/2015/07/how-the-way-you-type-can-shatter-anonymity-even-on-tor/
says that apparently it's possible to deanonymise Tor users by analysing
their keystrokes in input fields of websites.

Is it valid to assume that such a technique is possible to be deployed
by, for example, cloudflare? (needs JavaScript, has an input field)
(or is it required for learning to always enter the same text by the
same user?)

Is there need for modifications in the Tor Browser Bundle/upstream Firefox?

Back in the late 90's there was a company in the Seattle area called Biopassword [1] that sold a biometric typing cadence two factor authentication product for Windows systems. I demoed it and it was eerily effective.

Can only imagine where the technology is now.

[1] https://web.archive.org/web/20010201063600/http://www.biopassword.com/
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk