[tor-bugs] #5273 [Firefox Patch Issues]: Update TBB design doc for 2.3.x-alpha

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Wed Jul 18 08:51:29 UTC 2012


#5273: Update TBB design doc for 2.3.x-alpha
----------------------------------+-----------------------------------------
 Reporter:  mikeperry             |          Owner:  mikeperry                    
     Type:  defect                |         Status:  new                          
 Priority:  major                 |      Milestone:  TorBrowserBundle 2.3.x-stable
Component:  Firefox Patch Issues  |        Version:                               
 Keywords:  MikePerry201207       |         Parent:                               
   Points:                        |   Actualpoints:                               
----------------------------------+-----------------------------------------

Comment(by gk):

 Replying to [comment:15 mikeperry]:
 > Additionally, it occurs to me that I should probably sit down and
 actually make an example context menu for my mockup privacy UI. It would
 contain choices such as:
 >  * Remove all site history and data        [mapped to delete key]
 >  * Clear Tracking Data
 >  * Protect site data during New Identity
 >  * ------------
 >  * Block advertising from site
 >  * Beg site for privacy (aka "Do Not Track")
 >  * Allow Plugins and other Media Content
 >
 > The reason to put the beggar's header, the adblocker, and the plugin
 control on a per site basis is to avoid the fingerprinting due to global
 prefs.
 Maybe I am bit slow here but could you explain the fingerprinting risks
 you see for TBB users a bit? Offering these options seems rather to
 introduce fingerprinting issues as users choosing them are not in the
 default set anymore. Let alone the option for bad exits to test whether
 users are deploying the same filterlists and if not separating them and so
 on...

 > I still hate the beggar's header and dislike the adblocker ideas, but
 siloing them per url bar at least mitigates the damage they can do. The
 per-site adblocker might also drive per-site incentive for ads to not suck
 more than a global adblocker would.

 I am lost here as well. But maybe your ideas are due to the "Correlate
 activity across multiple site visits" adversary goal you thought about
 adding for completeness' sake? If so, I do not see how options buried in a
 context menu which are off by default could defend against it.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5273#comment:16>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list