browser fingerprinting - panopticlick
7v5w7go9ub0o
7v5w7go9ub0o at gmail.com
Fri Jan 29 16:26:58 UTC 2010
Mike Perry wrote:
> Thus spake Seth David Schoen (schoen at eff.org):
>
>> Mike Perry writes:
>>
>>> Thus spake coderman (coderman at gmail.com):
>>>
>>>> EFF has an interesting tool available:
>>>> https://panopticlick.eff.org/
>>>>
>>>> technical details at
>>>> https://www.eff.org/deeplinks/2010/01/primer-information-theory-and-privacy
>>>>
>>>> an interesting look at exactly how distinguishable your default
>>>> browser configuration may be...
>>> FYI, Torbutton has defended against many of these anonymity set
>>> reduction attacks for years, despite how EFFs site may make it appear
>>> otherwise.
>> Are you unhappy with the phrase "modern versions" in
>>
>> http://panopticlick.eff.org/self-defense.php
>>
>> or do you think that page as a whole isn't prominent enough?
>
> Ah yeah. I didn't see that at all. You should be linking to the
> sentence subjects instead of "here" :). The modern versions phrase
> could be changed to "Torbutton 1.2.0 and above" and still be correct,
> but I actually didn't notice that page at all.
>
> I also think the "Your browser fingerprint appears to be unique among
> the N tested so far" string could be perhaps increased in size or also
> have the number bolded too.
>
> As an aside, since there are already some questions in #tor and
> #tor-dev, I want to point out that Torbutton's obfuscation features
> are only intended to make you appear uniform amongst other Tor users.
> Tor users already stick out like a sore thumb because of using exit
> IPs, and the small numbers relative to the rest of your vistor base
> will make Torbutton's obfuscated settings appear very unique compared
> to regular visitors.
>
These guys have been warning about the browser fingerprint issue for
years.
<http://anon.inf.tu-dresden.de/help/jap_help/en/help/security_test.html>
They offer a FireFox plugin that attempts to provide a more generic
signature.
(I love it when my Firefox/Linux browser registers as I.E./Windows.) :-)
(It is also fun watching the Suricata and Snort IDS logs after changing
to I.E.)
***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
More information about the tor-talk
mailing list