[tor-bugs] #31587 [Applications/Tor Browser]: Conflicting metadata which could lead to fingerprinting
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Sep 1 14:22:39 UTC 2019
#31587: Conflicting metadata which could lead to fingerprinting
--------------------------+------------------------------------------
Reporter: bigsteve1337 | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Component: Applications/Tor Browser
Version: | Severity: Normal
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------+------------------------------------------
Tor Browser Version: 60.8.0esr
OS: MacOS Mojave
When I go to http://whatsmyos.com/ it tells me I am using Windows 7, which
is good.
However, if I go to https://brave.com it figures out that I am on MacOS
and automatically defaults to the MacOS download.
This is conflicting metadata and is prone to fingerprinting (which is
exactly what the fake Windows 7 info was trying to avoid).
After checking on panopticlick, I realized the conflict comes from:
User Agent: Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101
Firefox/60.0
Platform: MacIntel
Perhaps it's as easy as making the 'Platform' HTTP header just match the
Windows user agent?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31587>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list