[tor-talk] Profiling Tor users via keystrokes
Qaz
qazxswedc at openmailbox.org
Fri Aug 21 03:56:28 UTC 2015
Hi!
Yes this is really interesting, I think I came across the same article
weeks ago. Looking forward to those studies mentioned by Georg.
Thanks!
On 08/20/2015 12:44 PM, Georg Koppen wrote:
> flapflap:
>> Hi!
>>
>> (I didn't find this topic discussed here yet and I think it might be
>> interesting)
>>
>> the article
>>
>> http://arstechnica.com/security/2015/07/how-the-way-you-type-can-shatter-anonymity-even-on-tor/
>> says that apparently it's possible to deanonymise Tor users by analysing
>> their keystrokes in input fields of websites.
>>
>> Is it valid to assume that such a technique is possible to be deployed
>> by, for example, cloudflare? (needs JavaScript, has an input field)
>> (or is it required for learning to always enter the same text by the
>> same user?)
>>
>> Is there need for modifications in the Tor Browser Bundle/upstream Firefox?
> We already patch Tor Browser to reduce the precision of keypress events.
> See: https://bugs.torproject.org/1517. It would be nice to see a study
> that evaluates whether this is effective or not and if not, why not.
> Anyway, there is still something to do in this area:
> https://bugs.torproject.org/16110.
>
> Georg
>
>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20150821/d4ea2771/attachment.sig>
More information about the tor-talk
mailing list