tor-qa

Download

tor-qa@lists.torproject.org

June 2012

8 participants
2 discussions

TBB QA: tor-0.2.2.37
by Runa A. Sandvik 06 Jul '12

06 Jul '12

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi everyone, We have uploaded new bundles [1] for OS X, Linux, and Windows. In addition to the new Tor, the bundles also have a new Firefox (10.0.5esr) and Vidalia 0.2.19. Please see Docs/changelog for details and make sure you test all the components. You have until June 10th 2012 13:00 GMT to test and report back. Please email this list directly with results or if you have any questions. Keep in mind that an email saying "I tested TBB on … [View More]

9 14

Panopticlick
by Katya Titov 11 Jun '12

11 Jun '12

On Sat, 9 Jun 2012 22:20:31 -0700 Mike Perry <mikeperry(a)torproject.org> wrote in another thread: > Thus spake Katya Titov (kattitov(a)yandex.com) > > > - https://panopticlick.eff.org/ - one in 223,553, 17.77 bits of > > identifying information > > Great test url, Katya. We have issues with how Panopticlick is run, > though. It has inherent bias against any change from established > norms, even if that change is in the … [View More]direction of uniformity amongst a > population. I must admit that I'm not overly sure that the "1 in [x]" and "[x] bits of identifying information" are of use in an of themselves (e.g. my browser now "conveys at least 21.09 bits of identifying information" whereas it was only 17.77 just a few hours ago) but I thought I'd experiment with testing over time and see how the numbers change. I do like the table of browser characteristics. This could be useful to track over time, so maybe I should report the full table in future. > In particular, the largest sources of entropy in Panopticlick come > from our solutions to fingerprinting issues. The largest source of > bits (screen resolution) come from what is perhaps our most effective > reduction in information available to the fingerprinter: > https://trac.torproject.org/projects/tor/ticket/4810#comment:3 Hmmm ... could you report a standard desktop resolution? Maybe the standard resolution just higher than the current window size? Will this impact the browsing experience? I imagine that this is used by a website when it wants to open a pop up window ... what's the impact of opening what the site thinks is a full-size window with a smaller resolution than the actual desktop size? It's interesting to note that by far the largest screen resolution is "no javascript": https://trac.torproject.org/projects/tor/attachment/ticket/4810/panopticlic… That and similar data would be useful to track what they are seeing, and maybe feed into what TBB should be reporting. > Perhaps we should ask EFF to provide us with the Panopticlick source > code or so we can run a unique instance to evaluate TBB users only? > > I've created this ticket for that: > https://trac.torproject.org/projects/tor/ticket/6119 > > If you have any comments or suggestions wrt the above, please comment > on the bugs or create a new tor-qa thread rather than reply here. Happy to help test when/if you get a TBB instance up and running. -- kat [View Less]

2 3