[tor-talk] Spoofing a browser profile to prevent fingerprinting

Seth David Schoen schoen at eff.org
Wed Jul 30 03:21:43 UTC 2014


Mirimir writes:

> The risk from doing that, of course, is that each user will tend to
> customize their NoScript profile in a distinct way. And that will allow
> websites to tell them apart.
> 
> Even so, Panopticlick can't report anything about that. For that, one
> would need a version of Panopticlick that's restricted to assessing and
> comparing Tor browser profiles. Right?

Yes, ultimately to make the numbers be meaningful in this sense,
they'd need to measure everything that's realistically measureable by
an adversary, and then they would need a current representative sample
of browsers (or of Tor Browser configurations).

-- 
Seth Schoen  <schoen at eff.org>
Senior Staff Technologist                       https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x107


More information about the tor-talk mailing list