[tor-talk] Profiling Tor users via keystrokes

spencerone at openmailbox.org spencerone at openmailbox.org
Fri Jul 31 08:10:58 UTC 2015


>> flapflap:
>> http://arstechnica.com/security/2015/07/how-the-way-you-type-can-shatter-anonymity-even-on-tor/
>> says that apparently it's possible to deanonymise Tor users by 
>> analysing
>> their keystrokes in input fields of websites.
>> Is there need for modifications in the Tor Browser Bundle/upstream 
>> Firefox?
> grarpamp:
> A keystroke reclocker / normalizer might be better integrated
> as part of the keyboard driver in your OS. You'd only need to
> code it once, and could tune it to suit you however you want.
> Try checking with your OS.

Keystroke spoofing would only circumvent interception attacks, right?  
It seems destination-based form/packet-grabbing could still profile 

Is there a public keylogger that reveals what it sees so people can case 
test?  TorMirror?


More information about the tor-talk mailing list