[tor-bugs] #15161 [Tor Messenger]: CTCP fingerprinting
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Jul 8 18:29:10 UTC 2015
#15161: CTCP fingerprinting
-------------------------------+---------------------
Reporter: cypherpunks | Owner: sukhbir
Type: defect | Status: closed
Priority: normal | Milestone:
Component: Tor Messenger | Version:
Resolution: fixed | Keywords:
Actual Points: | Parent ID: #14161
Points: |
-------------------------------+---------------------
Changes (by sukhbir):
* status: reopened => closed
* resolution: => fixed
Comment:
Replying to [comment:9 arlolra]:
> From gk's audit,
>
> > While looking over ctcp-time.patch I got reminded by the problem that
Date methods may leak locale and or platform version information ("The
format of the return value may vary according to the platform" (see:
https://developer.mozilla.org/en-
US/docs/Web/JavaScript/Reference/Global_Objects/Date/toUTCString). It
might be worth verifiying that this is not a problem for Tor Messenger
(Tor Browser had/has #5926/#13019 and #15473 for this issue).
I have confirmed both with `CTCP TIME` and by running `new
Date().toUTCString()` (which is what `CTCP TIME` calls) on all platforms
and there is no difference in the result so we are not leaking anything
here.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15161#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list