[tor-dev] TBB Memory Allocator choice fingerprint implications

Shawn Webb shawn.webb at hardenedbsd.org
Sat Aug 17 22:35:27 UTC 2019 

On Sat, Aug 17, 2019 at 03:06:04PM +0000, procmem at riseup.net wrote:
> Question for the Tor Browser experts. Do you know if it is possible to
> remotely fingerprint the browser based on the memory allocator it is
> using? (via JS or content rendering)
> 
> We are thinking of switching Tor Browser to use the minimalist and
> security oriented hardened_malloc written by Daniel Micay. Thanks.

Full disclosure: I'm not well versed in TBB's features, and especially
these kinds of low-level details. I'm a newb who loves to learn. :)

Does Firefox (and/or TBB) have a method for selecting alternate memory
allocators? If so, is the method compile-time or run-time?

Thinking out loud. My newbishness is gonna show:

It would be very interesting to see support for selecting the
allocator at runtime (perhaps requiring a restart of firefox to
activate switching.) Each allocator will perform differently on each
OS, especially with regards to memory safety (ASR versus ASLR,
per-boot randomization versus per-execve, different implementations of
memory guards, etc.)

Having the heap implementation selectable at runtime would enable
users to make the determination for themselves, while also making
future integration efforts easier through modularization/abstraction
APIs (I'm making a silly, naive, and likely wrong, assumption that such
APIs don't already exist.)

I hope I'm not coming off as "hey, do this." I'm just thinking out
loud in an admittedly naive fashion.

Anyone have any thoughts?

PS: I find Daniel's hardened_malloc project very interesting. I hope
to someday provide integration with it directly in HardenedBSD. In
similar vein as what you're thinking, even.

It would be interesting to see how OS fingerprinting changes as
different alternate implementations of various OS components (heap
implementations, LibreSSL versus OpenSSL, etc.) affect OS
fingerprinting at an application level (via JS, content rendering, or
otherwise.)

Thanks,

-- 
Shawn Webb
Cofounder / Security Engineer
HardenedBSD

Tor-ified Signal:    +1 443-546-8752
Tor+XMPP+OTR:        lattera at is.a.hacker.sx
GPG Key ID:          0xFF2E67A277F8E1FA
GPG Key Fingerprint: D206 BB45 15E0 9C49 0CF9  3633 C85B 0AF8 AB23 0FB2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20190817/1259a6ad/attachment-0001.sig>

More information about the tor-dev mailing list