[tor-bugs] #13858 [Tor Browser]: Resolution fingerprinting possible with Tor Browser Bundle
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Dec 4 00:49:29 UTC 2014
#13858: Resolution fingerprinting possible with Tor Browser Bundle
-----------------------------+----------------------
Reporter: sleurn | Owner: tbb-team
Type: defect | Status: new
Priority: major | Milestone:
Component: Tor Browser | Version:
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
-----------------------------+----------------------
Comment (by sleurn):
Replying to [comment:2 gk]:
> The values are hard-coded to a multiple of 200x100. That is unless you
start resizing your screen. Are you doing that?
No, I don't. The above was with its window maximized. (I.e. not the
default window size it starts up with on first run after unpacking into a
new directory, which is smaller, but the one resulting from using the
"maximize" window button.)
My usage scenario is:
- Download the new TBB version
- Delete the old "Tor Browser" folder
- Unpack the new version into the same directory as the old one. (I.e.,
re-creating the "Tor Browser" folder. Which, though, is not on the
desktop.)
- On first run:
- Using the NoScript button, "Forbid scripts globally"
- Hide the menu bar
- In the browser options -> Advanced -> General, disable "Use
smooth scrolling"
For the "panopticlick" test I did the "Temporarily allow all this page"
with the NoScript button. Since resolution detection requires javascript.
But you are right that it changes when resized, e.g., I made it
significantly smaller and got 622x296x24 (same version on WinXP).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13858#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list