[tor-talk] Users profiling through personаl banners filtering settings
unknown at pgpru.com
Sun Apr 10 14:35:48 UTC 2011
On Tue, 22 Mar 2011 18:26:34 +0000
unknown <unknown at pgpru.com> wrote:
> Too many users dislikes of annoying web elements -- banners, popups, scripts,
> strange frames. They use a tools to blocks that elements or change webpage rendering.
> Traditional programs for filtering is a local proxys -- privoxy or polipo are examples with
> close relation to Tor and used actively. This programs cannot filtering SSL-content and evil site
> can use mix of SSL-ed and non-SSL-ed banners, pop-ups, etc to determine a fact
> of using such proxy and trying to guess personal users filtering settings.
> The problem may be even worse, with or without using this proxy, even if users block
> contents within a browser itself (with Firefox plugins to block banners, and scripts). Not
> only sites, but "mans in the middles", adversarial clusters of evil exit nodes
> can does parsing traffic and modifying web contents by injecting banners, misconfigured
> cookies, incorrect frames.
> Injected traffic for various sites, in different times
> and seances can be the way of revealing users with personal blocking rules. Data
> about blocking profiles of that users may be statistical processed and correlated.
> Is it a real threat? Should Tor users stop blocking contents
> selectively? Or they can use predefined and shared rules in analogy of Torbutton?
Let me describe a two examples about users blocks banners in privoxy/polipo/adblock/etc:
1. Webhost can see that user block russian/german/chinese/etc big portal banners. Webservers owner can make a conjecture about specific language of the user.
2. One exit or colluding exit nodes can compare banners blocking profiles from time to time. Profiles can be linked from different seances.
More information about the tor-talk