[tor-bugs] #16285 [Tor Browser]: Make sure EME is no tracking risk in Tor Browser based on ESR 38
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Jun 3 12:10:04 UTC 2015
#16285: Make sure EME is no tracking risk in Tor Browser based on ESR 38
---------------------------------------+---------------------
Reporter: gk | Owner: gk
Type: task | Status: new
Priority: normal | Milestone:
Component: Tor Browser | Version:
Keywords: ff38-esr, tbb-linkability | Actual Points:
Parent ID: | Points:
---------------------------------------+---------------------
The EME architecture got uplifted to Firefox 37
(https://bugzilla.mozilla.org/show_bug.cgi?id=1137045) in is included in
ESR 38 as well. We should make sure there are no accompanying
tracking/fingerprinting risks. The best plan is probably to disable EME as
Mozilla is doing in its ESR 38 release. We may need a custom patch as
Mozilla is basically enabling it
{{{
#if !defined(MOZ_UPDATE_CHANNEL) || MOZ_UPDATE_CHANNEL != esr
}}}
While we may want to take a deeper look at it when we switch to ESR 45 we
should make sure that everything related to EME is really disabled if the
respective prefs are set to `false`
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16285>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list