[tor-bugs] #10419 [Firefox Patch Issues]: Can requests to 127.0.0.1 be used to fingerprint the browser?
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Feb 7 18:54:06 UTC 2014
#10419: Can requests to 127.0.0.1 be used to fingerprint the browser?
-------------------------------------+-------------------------------------
Reporter: mikeperry | Owner: mikeperry
Type: task | Status: needs_review
Priority: major | Milestone:
Component: Firefox Patch | Version:
Issues | Keywords: tbb-fingerprinting,
Resolution: | tbb-pref, MikePerry201401R
Actual Points: | Parent ID:
Points: |
-------------------------------------+-------------------------------------
Comment (by cypherpunks):
1. This fix can't to prevent fingerprinting for environment where
Torbrowser used without proxy, like Transparent proxy or something.
2. Tor is not nanny to control what does Torbrowser and it depends
ClientRejectInternalAddresses option, yet it loudly yells to user because
it's bug to surf localhost over Tor.
If you want to deny localhost connection attempts then find way to deny it
actually without reinventing any security holes.
It especially fun with fix for #10682.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10419#comment:32>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list