[tbb-bugs] #17446 [Tor Browser]: Canvas image extraction prompt logic
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Nov 16 13:19:06 UTC 2015
#17446: Canvas image extraction prompt logic
-------------------------------------------------+-------------------------
 Reporter: arthuredelstein                       | Owner: tbb-team
 Type: defect                                    | Status: needs_review
 Priority: Medium                                | Milestone:
 Component: Tor Browser                          | Version:
 Severity: Normal                                | Resolution:
 Keywords: tbb-fingerprinting,                   | Actual Points:
  PearlCrescent201511R, TorBrowserTeam201511R    |
 Parent ID:                                      | Points:
 Sponsor:                                        |
-------------------------------------------------+-------------------------
Changes (by gk):
* status: needs_revision => needs_review
Comment:
So, the code looks good to me wrt what it is intended to do. But I am not
sure whether we really want it to behave that way: the spec is supporting
the old behavior (i.e. this seems to be a feature):
{{{
If the user hasn't previously allowed the site in the URL bar to access
Canvas image data, pure white image data is returned to the Javascript
APIs.
}}}
It has some appeal to think about this being like a cookie or DOM storage
token and thus treat it the same way (bind it to the state of the domain
in the URL bar). But this model might be flawed in this case as a) it is
possible to get rid of the client side tokens/have some control over the
collection which is hard in the case of the fingerprint created by the
canvas extraction and b) there is some additional information leaking as
the canvas extraction is only allowed after the user gave consent. And
then, c), there seems to be the use-case missing for third-party canvas
extraction (but maybe I am wrong here).
I guess we can test it in the alpha a bit, though. Commit
b501eedc0b4b8018f930fdaf3fc5d0116fab0b14 merged the patch.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17446#comment:14>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online