[tor-talk] catastrophe: ip-api.com sees me
Seth David Schoen
schoen at eff.org
Thu Feb 8 20:18:27 UTC 2018
Dash Four writes:
> Roger Dingledine wrote:
> >Using any browser with Tor besides Tor Browser is usually a bad idea:
> I disagree with that statement. It is certainly _not_ a bad idea, provided you know what you are doing.
As the documentation says, there are a couple of different things that
can go awry here.
* Your non-Tor Browser can be vulnerable to a proxy bypass (because
other browsers don't necessarily consider that a very serious
problem). E.g., an attacker can serve you some HTML that uses
some kind of browser feature that goes directly over the Internet,
not via Tor.
* Your non-Tor Browser can be vulnerable to various kinds of
tracking and fingerprinting, because other browsers haven't done as
much to mitigate that. E.g., an attacker can use some kind of
supercookie to recognize you across sessions, or serve some kind
unique long-term fingerprint that Tor Browser might have prevented.
* Your non-Tor Browser can be inherently distinctive because very
few people are using any given other configuration. E.g., you might
be the only person in the world currently using Tor with a particular
browser version, OS, language, and browser window size (even if a
your system's properties).
Your particular setup has probably mitigated the first of these
effectively, but maybe not the other two.
Now, there are ways that the Tor Browser may also have failed to fully
mitigate each of these risks. And there could be other benefits to
using a different browser in terms of adversaries who know of zero-day
vulnerabilities in Tor Browser that might not be present in other
browsers. (Some critics have pointed out that more potential attackers
probably have zero-days against the current Tor Browser at a given
moment than against, say, the current Google Chrome; at least, they
typically wouldn't have to pay as much money to buy them.) But you
probably can't mitigate the second two concerns above on your own, which
might always mean more trackability and less anonymity of a certain kind
when using another browser with Tor.
* If you use something other than Tor Browser, you can get confused
about when you are or aren't using Tor, or accidentally enable or
disable it in the middle of some other activity, leading to several
kinds of contamination between Tor and non-Tor sessions.
Very sophisticated and disciplined users might not trip over this
particular issue, but it's a relatively high risk and a lot of people
using the old TorButton setup definitely ran into this kind of problem.
Seth Schoen <schoen at eff.org>
Senior Staff Technologist https://www.eff.org/
Electronic Frontier Foundation https://www.eff.org/join
815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x107
More information about the tor-talk