[tor-qa] Panopticlick

Katya Titov kattitov at yandex.com
Sun Jun 10 11:54:41 UTC 2012 

> > > https://trac.torproject.org/projects/tor/ticket/4810#comment:3
> > 
> > Hmmm ... could you report a standard desktop resolution? Maybe the
> > standard resolution just higher than the current window size? Will
> > this impact the browsing experience? I imagine that this is used by
> > a website when it wants to open a pop up window ... what's the
> > impact of opening what the site thinks is a full-size window with a
> > smaller resolution than the actual desktop size?
> 
> These are all topics for #4810. I think all of them have already been
> mentioned there actually, unless I'm reading you wrong.

Yes. I must remember to engage brain in future when reading ... ;-)

> > It's interesting to note that by far the largest screen resolution
> > is "no javascript":
> > 
> > https://trac.torproject.org/projects/tor/attachment/ticket/4810/panopticlick-screen-resolution-detection.txt
> > 
> > That and similar data would be useful to track what they are seeing,
> > and maybe feed into what TBB should be reporting.
> 
> Yeah, this "no javascript" data point is really a shortcoming of the
> panopticlick test, unfortunately.
> 
> You get the exact same data from CSS, plus quite a bit more:
> https://developer.mozilla.org/En/CSS/Media_queries

Nice!

> > > Perhaps we should ask EFF to provide us with the Panopticlick
> > > source code or so we can run a unique instance to evaluate TBB
> > > users only?
> > > 
> > > I've created this ticket for that:
> > > https://trac.torproject.org/projects/tor/ticket/6119
> > > 
> > > If you have any comments or suggestions wrt the above, please
> > > comment on the bugs or create a new tor-qa thread rather than
> > > reply here.
> > 
> > Happy to help test when/if you get a TBB instance up and running.
> 
> Actually, I think a useragent-based filter could go a long way to
> making the existing panopticlick data more useful:
> 
> https://trac.torproject.org/projects/tor/ticket/6119#comment:1

Certainly would. I like the idea of TBB defaulting to whatever is the
most common user agent, but also allowing users to choose from a list
of other common user agent strings. Assuming you've got access to the
Panopticlick database then I imagine that the common strings could be
pulled out automatically at build time and populated within TBB.

-- 
kat

More information about the tor-qa mailing list