[tor-bugs] #21792 [Applications/Tor Browser]: Make sure MediaError.message does not aid to fingerprinting
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Apr 28 17:42:03 UTC 2017
#21792: Make sure MediaError.message does not aid to fingerprinting
-------------------------------------------------+-------------------------
Reporter: gk | Owner:
| arthuredelstein
Type: defect | Status:
| needs_review
Priority: High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: ff52-esr, tbb-fingerprinting, | Actual Points:
tbb-7.0-must-alpha, TorBrowserTeam201704R |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Changes (by arthuredelstein):
* status: accepted => needs_review
* keywords: ff52-esr, tbb-fingerprinting, tbb-7.0-must-alpha,
TorBrowserTeam201704 =>
ff52-esr, tbb-fingerprinting, tbb-7.0-must-alpha,
TorBrowserTeam201704R
Comment:
I did a lot of exploration of the code that generates MediaError.messages.
I didn't find any that seemed likely to reveal any system information. On
the other hand, I may have missed a case, and I can imagine more privacy-
violating messages might be introduced in the future. So, to be safe, I
wrote a patch that censors any messages when
"privacy.resistFingerprinting" is enabled:
https://github.com/arthuredelstein/tor-browser/commit/21792
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21792#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list