[tor-talk] New methods / research to detect add-ons?

pacifica at riseup.net pacifica at riseup.net
Tue Sep 29 16:46:33 UTC 2015


Spencer,

The closest thing I'm aware of to a one-stop-shop to view the factors of 
your fingerprint would be Valve's fingerprint.js library:

https://github.com/Valve/fingerprintjs2

It's definitely not sophisticated enough to meet most Tor users' needs, 
but it's a good start. It's also well documented and can easily be run 
locally.

To answer your question:

> With this logic, TorBrowser users could select a unique set of add-ons
> each session, correct?

It's important to consider TBB's design... which is to make _all_ Tor 
Browser Bundle users look identical. This provides strong anonymity 
amongst other TBB users. It does not hide the fact that you're using Tor 
or the TBB, but attempts to hide you within the group to make each 
individual difficult to uniquely track. This is also the reason for the 
recent roll-out of the per-domain circuits, because third-party trackers 
could collude to correlate traffic and de-anonymize Tor users that way. 
This is also why Tor Project released the "slider" to pick from a 
handful of pre-defined security/privacy levels. Because of indirect 
detection of the myriad of potential browser configurations, individual 
configurations could inadvertently make people quite unique. So the 
slider helps to coalesce the potentially huge number of combinations to 
single digits, assuming that most people will be comfortable with a 
provided setting.

First, the default configuration of TBB is sufficient to make 
cross-session fingerprinting and tracking difficult (not impossible, 
especially if JS is enabled, but that has trade-offs of its own). 
Installing unique add-ons each session would make tracking across 
sessions a little more difficult (albeit probably easier than the 
default TBB config since you would be, once again, unique...), at the 
expense of being unique during that session.

That practice would be almost universally discouraged, except perhaps 
for some imaginative fringe cases.

I think it's well known and understood that "adding add-ons to TBB" = 
"bad for anonymity", but I'd prefer to know "how bad", instead of just a 
binary good / bad.

Perhaps this want to know more resonates with others, and will warrant 
some research if it's not already been undertaken.

All the best,

pacifica

On 2015-09-29 16:22, Spencer wrote:
> Hi,
> 
>> 
>> aka:
>> Every add-on installed/not installed gives you one more bit of 
>> detection.
>> 
>> If [x] records you visiting an internet forum via TBB and
>> leaking something and detect another visitor with the same 3 bits set
>> looking for a train schedule, they can verify with a high confidence
>> you posted that message and live in that area.
>> That's why it's important that every TBB installation has the same
>> Http-Header values and same add-ons.
>> 
> 
> With this logic, TorBrowser users could select a unique set of add-ons
> each session, correct?
> 
>> 
>> You don't need any studies, it's simple common knowledge.
>> 
> 
> I second the request for some documented research, even if we do it
> ourselves.  The first thought I had was a way for people to verify
> their identity by seeing their fingerprint by visiting a website, or
> something close to what others might be looking for, though this could
> also be an off-line thing.
> 
> Wordlife,
> Spencer
> 
> 
> 
> 
>> pacifica at riseup.net wrote:
>>> Hello afternoon / evening / morning tor-talk -- I am hoping that 
>>> someone
>>> can point me in the right direction. I know it is well-discussed that
>>> adding Firefox add-ons to the Tor Browser Bundle decreases anonymity,
>>> but I would like to review the studies myself. I'm having trouble
>>> finding credible research where detection of add-ons has resulted in 
>>> a
>>> significant decrease in anonymity... can someone please point me to
>>> those resources?
>>> 
>>> To be explicit, I am not concerned with "plug-ins" like Java or 
>>> Flash,
>>> but rather "add-ons" like HTTPS everywhere or Privacy Badger.
>>> 
>>> Thanks in advance.
>>> 
>>> pacifica
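
The trade-off discussed in this message (stock configuration versus a fixed or per-session add-on set) can be put in numbers, which is one way to approach the "how bad" question. This is an added example, not part of the original e-mail or of fingerprintjs2; the session data and the names "hypothetical-addon-A/B" are constructed, and it assumes a site can detect each session's add-on set exactly.

```javascript
// Added example. All session data is constructed; each record is one observed
// session and the extra add-ons a site detected in it ([] = stock config).
const SESSIONS = [
  ...Array.from({ length: 12 }, (_, i) => ({ id: `stock-${i}`, addons: [] })),
  { id: "fixed-1", addons: ["Privacy Badger"] },          // one user keeping
  { id: "fixed-2", addons: ["Privacy Badger"] },          // the same set
  { id: "rotating-1", addons: ["hypothetical-addon-A"] }, // one user picking a
  { id: "rotating-2", addons: ["hypothetical-addon-B"] }, // new set per session
];

// The set of add-ons is the fingerprint; order and duplicates do not matter.
function fingerprintKey(addons) {
  return [...new Set(addons)].sort().join("|") || "(stock)";
}

// For every session: how many sessions look identical (setSize) and the
// surprisal in bits, log2(total / setSize). 0 bits = looks like everyone.
function anonymitySets(sessions) {
  const counts = new Map();
  for (const s of sessions) {
    const key = fingerprintKey(s.addons);
    counts.set(key, (counts.get(key) || 0) + 1);
  }
  const result = {};
  for (const s of sessions) {
    const setSize = counts.get(fingerprintKey(s.addons));
    result[s.id] = { setSize, bits: Math.log2(sessions.length / setSize) };
  }
  return result;
}

// Shannon entropy of the fingerprint distribution: the average surprisal.
function entropyBits(sessions) {
  const rows = Object.values(anonymitySets(sessions));
  return rows.reduce((sum, r) => sum + r.bits, 0) / sessions.length;
}

// Groups of sessions that share a non-stock fingerprint: in this sample,
// the candidates for being linked to each other across sessions.
function linkableGroups(sessions) {
  const groups = new Map();
  for (const s of sessions) {
    const key = fingerprintKey(s.addons);
    if (key !== "(stock)") groups.set(key, [...(groups.get(key) || []), s.id]);
  }
  return [...groups.values()].filter((ids) => ids.length > 1);
}

console.log(anonymitySets(SESSIONS), linkableGroups(SESSIONS), entropyBits(SESSIONS));
```

In this sample the rotating user is never linked across sessions but sits in an anonymity set of one each time, while the fixed set links both of its sessions; the stock sessions stay in a set of twelve.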


