[tor-talk] Spoofing a browser profile to prevent fingerprinting

Aymeric Vitte vitteaymeric at gmail.com
Tue Jul 29 21:16:33 UTC 2014

The video is back here http://youtu.be/QOP4NHvJAGM

Not sure I was clear in my previous answers, your fingerprint will be 
the one of a normal person, not the one of someone that is trying to 
anonymize himself even if you are indeed anonymizing yourself.


Le 29/07/2014 22:33, Aymeric Vitte a écrit :
> Please see my previous answer, the fingerprint will be the one of a 
> normal browser, not the Tor browser, so like when you are using a 
> normal browser, a unique fingerprint that changes, so finally you are 
> not unique at all.
> I was thinking at that time to add some fingerprint "spoofing" 
> features, not sure it's a good idea since you might end up with 
> different people having the same fingerprint, then recognizable, the 
> best is to be temporarly unique I believe.
> Regards,
> Le 29/07/2014 19:33, Mirimir a écrit :
>> On 07/29/2014 11:09 AM, Aymeric Vitte wrote:
>>> Sorry, I forgot to say: it's not operational, it was working but I
>>> stopped it after a crowdfunding campaign which turned to be a flop,
>>> meaning that nobody cares.
>> :(
>>> But the concepts still stand, even if complicate, the requirements were
>>> that it should work without disturbing the browser's behavior or 
>>> hacking
>>> into it (so it works from any browser) and the basic principles were
>>> that there was no point of tracking you on a fake domain, here it does
>>> not really depend on how many people are using it, you just behave like
>>> a normal user on a non existing domain.
>> Yes, as I understand it, everyone using it would effectively be using
>> the same browser, and only viewing the output through their local
>> browser. So the website always sees the proxy browser. Is that right?
>> Would the proxy browser always show the current Tor browser fingerprint?
>>> An issue was that people need to set the proxy settings to the server
>>> that is relaying the data, so not very user friendly...
>>> Probably the video demo was more self explainatory, I will put it back
>>> on yt and provide the link
>> Thank you.
>>> I think now that it was too complicate but maybe some inspiration can
>>> come from it.
>>> Regards,
>>> Le 29/07/2014 18:40, Mirimir a écrit :
>>>> On 07/29/2014 10:09 AM, OpenPGP wrote:
>>>>> Hi all,
>>>>> has anybody tried the solution mentioned in http://www.ianonym.com ?
>>>>> I'm just reading all the stuff and information but feel a bit lost :p
>>>>> how to
>>>>> set it al and use it ;)
>>>> My word, that is complicated!
>>>> But even so, if only a few use it with Tor, they probably stand out.
>>>> More generally, the greater the diversity of anonymization options, 
>>>> the
>>>> less anonymity there is :(
>>>>>> Aymeric Vittesal:
>>>>>> ...
>>>>>> Or unless you use something like http://www.ianonym.com, it was
>>>>>> designed
>>>>>> to defeat all forms of tracking/fingerprinting with the fake domain
>>>>>> concept and hide your destination even with https.
>>>>>> Since it takes control over the whole web page, the js 
>>>>>> interactions are
>>>>>> sandboxed with a script to "tame" the page, a prototype was 
>>>>>> working but
>>>>>> maybe it's a bit too complicate...
>>>>>> Regards
>>>>> ______________________________
>>>>> http://www.openpgp.org
>>>>> https://www.gnupg.org
>>>>> ______________________________________________________________

Peersm : http://www.peersm.com
torrent-live: https://github.com/Ayms/torrent-live
node-Tor : https://www.github.com/Ayms/node-Tor
GitHub : https://www.github.com/Ayms

More information about the tor-talk mailing list