[tor-bugs] #6422 [Firefox Patch Issues]: Remove Do Not Track option from Tor Browser privacy preferences

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Fri Jul 20 04:41:54 UTC 2012 

#6422: Remove Do Not Track option from Tor Browser privacy preferences
----------------------------------+-----------------------------------------
 Reporter:  mikeperry             |          Owner:  mikeperry
     Type:  defect                |         Status:  new      
 Priority:  normal                |      Milestone:           
Component:  Firefox Patch Issues  |        Version:           
 Keywords:  tbb-fingerprinting    |         Parent:  #5545    
   Points:                        |   Actualpoints:           
----------------------------------+-----------------------------------------

Comment(by mikeperry):

 Actually, my opposition to DNT:1 is many-faceted. See #5501 for the full
 litany of concerns complete with a bonus dose of hilarity at the end
 thanks to our friends at Microsoft, who basically read my mind and decided
 to demonstrate just one of the many hilarious ways this header can be
 abused by powerful interests for their own ends.

 I don't think companies will be hostile to Tor traffic simply because of
 DNT. I think that an on-by-default adblocker will cause hostility..
 perhaps you misunderstood that point? I think we can support ads while
 still providing privacy against 3rd party tracking, so we should not
 destroy the revenue stream of sites who welcome Tor users. We should
 prevent 3rd party tracking though, and we don't need DNT:1 to do it.

 Actually implementing DNT as Privacy by Design might also face some
 opposition/breakage, but at least the Privacy by Design subversion will be
 obvious to us by way of that breakage. The problem with DNT:1 is that it
 will also be subverted in secret, outside the reach of regulatory or even
 netizen oversight. It will also be subverted by the vagueries of
 conflicting definitions and service specific use cases. P3P already failed
 hard, and it was way more amenable to fine-tuning.

 I was briefly moved to consider allowing DNT:1 as a per-site privacy
 option, because that is way better than a global one from a fingerprinting
 perspective. Also, I thought it might be cute to literally have a site-
 specific menu option that said "Beg site for privacy". I did not expect
 anyone to take it seriously. Georg pointed out that even this much
 endorsement was dangerous. I think he's right.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6422#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list