[tor-bugs] #10400 [TorBrowserButton]: Provide "New Identity" option that uses session restore
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Dec 21 13:16:09 UTC 2013
#10400: Provide "New Identity" option that uses session restore
----------------------------------+---------------------------------------
Reporter: mikeperry | Owner: mikeperry
Type: enhancement | Status: new
Priority: major | Milestone:
Component: TorBrowserButton | Version:
Resolution: | Keywords: tbb-usability, tbb-newnym
Actual Points: | Parent ID:
Points: |
----------------------------------+---------------------------------------
Comment (by cypherpunks):
Replying to [comment:7 mikeperry]:
> In theory, adversaries could encode identifiers in the first party urls
stored in the session store.
"In theory"? It's very common to put user identifiers in URLs (session IDs
a la PHPSESSIONID, user names, user ids etc.).
Restoring these after "new identity" would immediately link the old
session/identity to the new one.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10400#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list