[tor-bugs] #19199 [Applications/Tor Browser]: Completely disable canvas content and related warning popup based on Security Slider setting

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun May 29 14:59:35 UTC 2016


#19199: Completely disable canvas content and related warning popup based on
Security Slider setting
-------------------------------------+-------------------------------------
     Reporter:  cypherpunks          |      Owner:  tbb-team
         Type:  defect               |     Status:  new
     Priority:  Medium               |  Milestone:
    Component:  Applications/Tor     |    Version:
  Browser                            |   Keywords:  privacy, anonymity,
     Severity:  Normal               |  fingerprinting
Actual Points:                       |  Parent ID:  #18027
       Points:                       |   Reviewer:
      Sponsor:                       |
-------------------------------------+-------------------------------------
 Canvas-based fingerprinting is a potent threat to anonymity. I believe it
 does not make sense to have it potentially enabled (following a popup
 dialog) at elevated Security Slider settings, and even with the Security
 Slider on "High," and probably also on Medium-High, Medium, and
 potentially Medium-Low.

 Fingerprintable canvas content (and its related popup) should be
 completely disabled when the Security Slider is at one of these elevated
 settings, and it should be transparent to the user. It may make sense to
 still present the icon in the address bar so that it can be enabled
 manually, on a per-site or per-page basis, if a user needs this feature.

 Thank you all so much.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19199>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list