[tbb-bugs] #13585 [Tor Browser]: Investigate recommending or including "Policeman" (Firefox Addon)

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Oct 26 16:50:25 UTC 2014

#13585: Investigate recommending or including "Policeman" (Firefox Addon)
 Reporter:  bastik       |          Owner:  tbb-team
     Type:  task         |         Status:  new
 Priority:  normal       |      Milestone:
Component:  Tor Browser  |        Version:
 Keywords:               |  Actual Points:
Parent ID:               |         Points:
 Investigate the Firefox addon [https://addons.mozilla.org/en-
 US/firefox/addon/policeman/ Policeman.] It's
 [https://github.com/futpib/policeman code lives here.]

 I know about fingerprinting issues and this addon would be your worst
 nightmares because it allows to distinguish between pictures, media,
 scripts, styles, frames, but that is not why I'm suggesting to review this
 addon to see if it can be recommended safely or included into the Tor
 Browser for the following purpose.

 It has two ruleset which are currently disabled by default. The rulesets
 isolate i2p and .onion requests. An .onion does not load resources from
 example.org and example.org does not load resources from any .onion

 I think it is useful to disable loading resources from any non .onion
 source, by default, because beside the .onion owner some third-party could
 track Tor users, without uncovering them.

 So basically check if you can recommend or include it to allow every
 request from anywhere to anywhere (therefore no fingerprinting) and
 configure the addon to guard .onion and maybe i2p.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13585>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list