[tbb-bugs] #21609 [Applications/Tor Browser]: Investigate device sensor code for possible information leaks (was: Investigate updated device orientation code for possible information leaks)

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed May 3 06:40:49 UTC 2017


#21609: Investigate device sensor code for possible information leaks
-------------------------------------------------+-------------------------
 Reporter:  gk                                   |          Owner:  tbb-
                                                 |  team
     Type:  defect                               |         Status:  new
 Priority:  High                                 |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  ff52-esr, tbb-7.0-must-alpha, tbb-   |  Actual Points:
  fingerprinting, TorBrowserTeam201705           |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
                                                 |  Sponsor4
-------------------------------------------------+-------------------------
Changes (by arthuredelstein):

 * cc: arthuredelstein (added)


Comment:

 We do have fingerprinting protection for "screen orientation" and related
 events, but in fact we never introduced specific protection for "device
 orientation" events. We did, however, disable device sensor readings in
 general in #15758 by setting "device.sensors.enabled" to `false`. These
 sensors may include:
 {{{
     TYPE_ORIENTATION = 0U,
     TYPE_ACCELERATION = 1U,
     TYPE_PROXIMITY = 2U,
     TYPE_LINEAR_ACCELERATION = 3U,
     TYPE_GYROSCOPE = 4U,
     TYPE_LIGHT = 5U,
     TYPE_ROTATION_VECTOR = 6U,
     TYPE_GAME_ROTATION_VECTOR = 7U
 }}}

 In TBB 7.0a3's JS console, I see four relevant APIs:
 * DeviceLightEvent
 * DeviceMotionEvent
 * DeviceOrientationEvent
 * DeviceProximityEvent

 Despite the presence of these interfaces, the Mozilla code appears to
 suggest that disabling "device.sensors.enabled" should result in no such
 events being generated from sensor hardware, because sensor observers are
 never registered. Unfortunately I don't currently have a laptop with such
 sensors (do these exist?) so I can't do a manual test. Maybe we can find a
 hook for simulating sensor data.

 Also, this should be a particularly useful thing to examine on Orfox.
 Ideally these sensors would be behind a permission that is requested if a
 content script calls, for example, `addEventListener("deviceorientation",
 ...)`.

 I have changed the title to cover all device sensor code.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21609#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
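
One way to run the manual check the comment asks for, as an added example that is not Tor Browser or Mozilla code: a passive probe that records which of the four interfaces exist and whether any sensor event arrives carrying actual readings. The names `startProbe` and `hasReading` and the report layout are hypothetical; the event names `devicelight` and `deviceproximity` are assumed to be the ones paired with `DeviceLightEvent` and `DeviceProximityEvent`.

```javascript
// Added example: passive probe for the sensor events named in the comment.
// Function and field names here are hypothetical, not Tor Browser code.
const SENSOR_INTERFACES = ["DeviceLightEvent", "DeviceMotionEvent",
  "DeviceOrientationEvent", "DeviceProximityEvent"];
const SENSOR_EVENTS = {
  deviceorientation: ["alpha", "beta", "gamma"],
  devicemotion: ["acceleration", "accelerationIncludingGravity", "rotationRate"],
  devicelight: ["value"],
  deviceproximity: ["value", "min", "max"],
};

// True if v is a number, or an object carrying at least one numeric axis.
// An event may fire with null in these fields; that counts as fired, not as a reading.
function hasReading(v) {
  if (typeof v === "number") return true;
  if (v === null || typeof v !== "object") return false;
  return ["x", "y", "z", "alpha", "beta", "gamma"].some((k) => typeof v[k] === "number");
}

// Attach listeners on `target`; `scope` is the global object checked for interfaces.
function startProbe(target, scope) {
  const report = { interfaces: {}, events: {}, leak: false };
  for (const name of SENSOR_INTERFACES) {
    report.interfaces[name] = typeof scope[name] === "function";
  }
  const handlers = Object.entries(SENSOR_EVENTS).map(([type, fields]) => {
    const rec = (report.events[type] = { fired: 0, withData: 0 });
    const handler = (ev) => {
      rec.fired += 1;
      if (fields.some((f) => hasReading(ev[f]))) rec.withData += 1;
    };
    target.addEventListener(type, handler);
    return [type, handler];
  });
  return {
    stop() {
      for (const [type, handler] of handlers) target.removeEventListener(type, handler);
      report.leak = Object.values(report.events).some((r) => r.withData > 0);
      return report;
    },
  };
}

// In a browser page: collect for five seconds, then print the report.
if (typeof window !== "undefined") {
  const probe = startProbe(window, window);
  setTimeout(() => console.log(JSON.stringify(probe.stop(), null, 2)), 5000);
}
```

With "device.sensors.enabled" set to `false`, the expected report has `leak: false` and `withData: 0` for every event type, even where the interfaces are present.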

