[tbb-bugs] #14310 [Tor Browser]: Standard on anonymized browser behaviour

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Jan 20 14:22:50 UTC 2015


#14310: Standard on anonymized browser behaviour
----------------------------------------------+--------------------------
 Reporter:  cypherpunks                       |          Owner:  tbb-team
     Type:  defect                            |         Status:  new
 Priority:  critical                          |      Milestone:
Component:  Tor Browser                       |        Version:
 Keywords:  browser-fingerprinting, standard  |  Actual Points:
Parent ID:                                    |         Points:
----------------------------------------------+--------------------------
 Hello. There is no dobt that browsers are fingerprintable. In my study
 (ticket #13400 ,article http://geektimes.ru/post/244484/comments/ in
 Russian, wait for english version a little) I and other commenters have
 fingerprinted differrent browsers on differrent systems (including tbb on
 win8, winxp, some linux distro, Tails and Whonix) with differrent fonts
 and the fingerprints were differrent on differrent systems.

 I think that we need a standard of browser behaviour which must
 * define a set of locally or remotely fingerprintable features (including
 values returned by differrent APIs, values can be measured (for example
 performance), behavoural patterns such as set of headers, etc...));
 * define their values for any anonymized browser which comply with
 standard.

 Also we need a standard on user fingerprinting mitigation to make it not
 to conflict browser fingerprinting prevention.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/14310>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tbb-bugs mailing list