tor-qa

tor-qa@lists.torproject.org

June 2012

8 participants
2 discussions

TBB QA: tor-0.2.2.37
by Runa A. Sandvik 06 Jul '12

06 Jul '12

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi everyone, We have uploaded new bundles [1] for OS X, Linux, and Windows. In addition to the new Tor, the bundles also have a new Firefox (10.0.5esr) and Vidalia 0.2.19. Please see Docs/changelog for details and make sure you test all the components. You have until June 10th 2012 13:00 GMT to test and report back. Please email this list directly with results or if you have any questions. Keep in mind that an email saying "I tested TBB on Debian Wheezy and found no bugs" is just as useful as a list of issues. We are working on building a manual TBB test suite for you to use. In the meantime, see #5292 [2], the BuildSignoff wiki page [3], and the TBB [4] design document for information about different types of tests you can perform. Thank you for helping us make the Tor Browser Bundle even better. I will try to be more responsive during this test round than the previous one, so please don't hesitate to email if you have questions. If you have any suggestions on things we can do better, please let me know. [1]: https://archive.torproject.org/tor-package-archive/tor-qa/tor-0.2.2.37/ [2]: https://trac.torproject.org/projects/tor/ticket/5292 [3]: https://trac.torproject.org/projects/tor/wiki/doc/build/BuildSignoff [4]: https://www.torproject.org/projects/torbrowser/design/#Testing Thanks, - -- Runa A. Sandvik -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJP00qaAAoJEOFf5ch5L7E4iwAP/3hH7hjrsl6PBfB4ADXmNso9 t6GaY6fOL6ZLodwJpguLDCOdAYb+ck63OszhS4RST1f2IJf4GMApN/ulAhUPxPpK bR59UoPmzdc0kCvs+bJ+ifubqAdSU0BzW897lOYD/ELnMyfXKjVrokrqI769bAS3 7clvSCf+nivsNyLEx2uTJLJH43I8L8nEMuqLbc7H4mlqAOOI6w9BfXz7MRud70yP CB+4Rm7ZTg1pbbU03Uh7kmbHi5/92rf1X/AhhJEVk3VNNu2A0B+dpO1zXAWPd+i8 WW+p2YOXxV0nQgYitz00Ru0OBivJhpLjbqKOgbbsdP6tr3gON3hq20QEh3B45oY0 XoEAMXHE5KC0Uuz6fmuUATTEQUn4fO+c07OyHVtgVrljq9kQHPD6gerGZloZiYGT iGFqV+xnCQyNVScGSiGtK9zrm5IwR4fNZtaO+Xleqs5xV9lJZhjepH0mvRz3/Xqu t8q8VP9l4vqHI+new/wfDghGO9v4lOU/lCHpOiAer/G6ZpK3B2pQaBWHtI4VUHmj h74/TNKMdJMlJ1s15Qb5DQMDUiIcCyOPCNVdMkc/cSlsNyrAjrwsAksYa10cWbRL m6PONxXAeTf4snBvKjGLDYByQyRIM6HvnjaXZlC2MoPKw0kx1YLIcLHyo/6s3yCM LtCQ37Ovo203zpxMCYYV =O/9s -----END PGP SIGNATURE-----

9 14

Panopticlick
by Katya Titov 11 Jun '12

11 Jun '12

On Sat, 9 Jun 2012 22:20:31 -0700 Mike Perry <mikeperry(a)torproject.org> wrote in another thread: > Thus spake Katya Titov (kattitov(a)yandex.com) > > > - https://panopticlick.eff.org/ - one in 223,553, 17.77 bits of > > identifying information > > Great test url, Katya. We have issues with how Panopticlick is run, > though. It has inherent bias against any change from established > norms, even if that change is in the direction of uniformity amongst a > population. I must admit that I'm not overly sure that the "1 in [x]" and "[x] bits of identifying information" are of use in an of themselves (e.g. my browser now "conveys at least 21.09 bits of identifying information" whereas it was only 17.77 just a few hours ago) but I thought I'd experiment with testing over time and see how the numbers change. I do like the table of browser characteristics. This could be useful to track over time, so maybe I should report the full table in future. > In particular, the largest sources of entropy in Panopticlick come > from our solutions to fingerprinting issues. The largest source of > bits (screen resolution) come from what is perhaps our most effective > reduction in information available to the fingerprinter: > https://trac.torproject.org/projects/tor/ticket/4810#comment:3 Hmmm ... could you report a standard desktop resolution? Maybe the standard resolution just higher than the current window size? Will this impact the browsing experience? I imagine that this is used by a website when it wants to open a pop up window ... what's the impact of opening what the site thinks is a full-size window with a smaller resolution than the actual desktop size? It's interesting to note that by far the largest screen resolution is "no javascript": https://trac.torproject.org/projects/tor/attachment/ticket/4810/panopticlic… That and similar data would be useful to track what they are seeing, and maybe feed into what TBB should be reporting. > Perhaps we should ask EFF to provide us with the Panopticlick source > code or so we can run a unique instance to evaluate TBB users only? > > I've created this ticket for that: > https://trac.torproject.org/projects/tor/ticket/6119 > > If you have any comments or suggestions wrt the above, please comment > on the bugs or create a new tor-qa thread rather than reply here. Happy to help test when/if you get a TBB instance up and running. -- kat

2 3