[tor-bugs] #28290 [Applications/Tor Browser]: Don't allow fingerprinting via navigator.userAgent
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Jan 18 05:02:29 UTC 2019
#28290: Don't allow fingerprinting via navigator.userAgent
--------------------------------------+--------------------------
Reporter: indigotime | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: tbb-fingerprinting-os | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------------+--------------------------
Comment (by Thorin):
FWIW:
https://bugzilla.mozilla.org/show_bug.cgi?id=1509829 in FF66+ upstreamed
#26146 (this reduces HTTP header OSes to two, but leaves JS navigator to
four OSes)
https://bugzilla.mozilla.org/show_bug.cgi?id=1519122 (In RFP Mode, spoof
the modifier state "Meta" in OSX into a "Ctrl" state in keyboard events)
when landed will then allow MacOS to properly use the cmd key on sites
such as Google Docs etc - and then the JS navigator can be reverted to two
OSes (assuming all the web site breakage was from this).
1519122 will probably not happen before ESR68, but will hopefully be
backported when done, and then both Tor Browser and Firefox with RFP can
get in sync (also note that the platform will change to Windows 10 see
https://bugzilla.mozilla.org/show_bug.cgi?id=1511434) and headers vs
navigator will also be in sync
tl;dr: it's being handled upstream at Mozilla
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/28290#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list