[tor-bugs] #5816 [Firefox Patch Issues]: Unintentional connections by TBB to Google and Yahoo servers

[Tor Bug Tracker & Wiki]

#5816: Unintentional connections by TBB to Google and Yahoo servers
--------------------------------------+-----------------------
     Reporter:  cypherpunks           |      Owner:  mikeperry
         Type:  defect                |     Status:  new
     Priority:  minor                 |  Milestone:
    Component:  Firefox Patch Issues  |    Version:
   Resolution:                        |   Keywords:
Actual Points:                        |  Parent ID:
       Points:                        |
--------------------------------------+-----------------------
Changes (by browserprivacy):

 * cc: browserprivacy (added)
 * priority:  trivial => minor


Comment:

 @mikeperry, aren't the issues in the original ticket a violation of:

 2.2.1 Cross-Origin Identifier Unlinkability

 2.2.1 Cross-Origin Fingerprinting Unlinkability

 Even innocuous requests to major aggregators of personal information like
 Google and Yahoo could theoretically be used to log information as simple
 as the time a given client was or was not browsing, and the presence or
 absence of the results of such requests--when combined with other
 information collected by those servers--could still be potentially useful
 in identifying and fingerprinting users.

 The arguments for this behavior violating TBB design requirements are
 indirect, but rooted in the idea that it's not any one piece of
 information these companies collect that's problematic.  It's the totality
 of information provided or leaked to Google and/or Yahoo that's
 problematic, and the connections mentioned in this ticket add to that.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5816#comment:14>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online