[tor-bugs] #3018 [TorBrowserButton]: More Torbutton Header Issues

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Mon May 2 19:23:20 UTC 2011 

#3018: More Torbutton Header Issues
------------------------------+---------------------------------------------
 Reporter:  zak               |          Owner:  mikeperry                     
     Type:  defect            |         Status:  assigned                      
 Priority:  major             |      Milestone:  Tor Browser Bundle for Windows
Component:  TorBrowserButton  |        Version:  Torbutton: 1.3                
 Keywords:                    |         Parent:                                
   Points:                    |   Actualpoints:                                
------------------------------+---------------------------------------------

Comment(by zak):

 Hi this is zak, thanks for answering.
 I am the one who made the screen shot and highlighted in red the
 interesting parts . The test  is  the jondo test for jondo and tor that
 you can find here: http://ip-check.info/?lang=en.
 I executed lots of  test like the Deanonymizer test
 (http://deanonymizer.com/test.php) and so far everything is fine and the
 torbutton seems doing well.
 In the first test you will also see that jondo does not seem to approve
 the smartspoof (their point is that the header of the browser does not
 change only when changing domain but also when changing sub-domain).
 I also executed this test on linux and the results are the same as on
 windows.I do not know if there is a real problem in terms of security, the
 only problem I see is that if there are, for example, 100 people using the
 configuration shown in the photo tb2 (this is the configuration of the
 Firefox 4 Tor Browser Bundle for Windows with  firefox4 and torbutton
 1.3.2 alpha after some changes but it's also the configuration of
 firefox3 with Torbutton 1.2.5) and there are 10 people using the
 configuration shown on the TB1 shot (this is the configuration of firefox4
 with Torbutton 1.3.2. alpha),then it will be much easier to distinguish
 the ten  from the other. Let me know if you need more details in order to
 explain the problem better (by the way i am a huge fan) by

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3018#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list