[tor-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Feb 25 18:59:49 UTC 2016 

#18361: Issues with corporate censorship and mass surveillance
------------------------------------------+--------------------------
 Reporter:  ioerror                       |          Owner:  tbb-team
     Type:  enhancement                   |         Status:  new
 Priority:  High                          |      Milestone:
Component:  Tor Browser                   |        Version:
 Severity:  Critical                      |     Resolution:
 Keywords:  security, privacy, anonymity  |  Actual Points:
Parent ID:                                |         Points:
  Sponsor:                                |
------------------------------------------+--------------------------

Comment (by madD):

 BIOMETRICS ALERT
 An eye-opening article by a data mining researcher, Igor Savinkin,
 http://scraping.pro/no-captcha-recaptcha-challenge/
 says:
 "For this new type of CAPTCHA the main evidence will be browser behaviour,
 rather than check box value.
 '''mouse movement, its slightness and straightness
 page scrolls
 time intervals between browser events
 keystrokes
 click location history tied to user fingerprint'''
 All these criteria, are stored in the browser’s cookie. These criteria are
 processed by Google’s server"

 He also states that the communication between the user and Google server
 is encrypted.

 It should be emphasized, that there is a DARPA '''technology to identify
 people by mouse movements and typing''' http://www.itnews.com.au/news
 /users-ided-through-typing-mouse-movements-365221. In 2013 this technology
 was "being extended to capture mouse movements and touch inputs from
 mobile devices".

 CloudFlare highly probably is an accomplice in a mass biometrics
 collection and deanonymization service. There is no wonder that we got
 GLOMARed by their CTO on most occasions before he went silent completely.
 This program surely violates privacy laws, at least in Europe, because the
 users get no warning that their bodily movements are recorded and sent for
 analysis in the USA.
 I wonder under which legal frame conducts CloudFlare this intelligence
 operation in the EU, is it under never-to-be-defunct Safe Harbor
 agreement? Or does CF have a special agreement, does anybody know?

 CAPTCHA must be understood as '''CAPTURE&GOTCHA you bloody data-slaves!

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18361#comment:147>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list