[tor-bugs] #10286 [Applications/Tor Browser]: Touch events leak absolute screen coordinates
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri May 12 07:23:20 UTC 2017
#10286: Touch events leak absolute screen coordinates
-------------------------------------------------+-------------------------
Reporter: mikeperry | Owner:
| arthuredelstein
Type: defect | Status: closed
Priority: High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution: fixed
Keywords: tbb-fingerprinting-resolution, | Actual Points:
ff52-esr, tbb-testcase, tbb-firefox-patch, |
tbb-7.0-must-alpha, TorBrowserTeam201705R |
Parent ID: | Points:
Reviewer: | Sponsor:
| Sponsor4
-------------------------------------------------+-------------------------
Changes (by gk):
* status: needs_review => closed
* resolution: => fixed
Comment:
Replying to [comment:32 mcs]:
> Replying to [comment:31 mcs]:
> > I am not yet sure why the failures are occuring. Unfortunately I am
out of time for now, but I will try to investigate more later tonight or
early tomorrow.
>
> The test failures occurred in the "fingerprinting resistance off" case.
Kathy came up with a good theory: maybe the doubling of the radius
occurred because I ran the tests on a Mac with a Retina (2x) display. If
that is what is happening, this seems like a Firefox bug (maybe in the
test code that synthesizes events?) since all distance units within the
Touch Events are supposed to be CSS pixels. This should not prevent us
from merging these patches.
Good theory. Do you mind filing an upstream bug for that? Meanwhile, I
applied the patches to `tor-browser-52.1.0esr-7.0-2` (commits
1b6559c0763f2ae0c9ad56307642e6d6462c3ede,
331f089d6b6ba62463d8362d7ca01641a4cc92dc, and
00d2bfb5067659c352690c06cb85a8b76bc7addb).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10286#comment:33>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list