[tbb-bugs] #28621 [Applications/Tor Browser]: Investigate "website fingerprinting through cache occupancy channel"
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Dec 21 07:51:29 UTC 2018
#28621: Investigate "website fingerprinting through cache occupancy channel"
--------------------------------------+--------------------------
Reporter: arthuredelstein | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------------+--------------------------
Comment (by tom):
I skimmed it. This one kind of sucks. There are no reasonable
countermeasures. Page coloring looked interesting, but AFAICT that was an
idea from the early 2000s that hasn't been revisited?
The 100ms resolution helps; but it isn't the complete answer (and I want
to reduce it anyway if we can achieve the same security boundary using
fuzzyfox.)
Maybe the answer is something more complicated? Degrading it dynamically
(throttling) if we detect repeated calls and throw a permission prompt
(with or without the doorhanger)?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/28621#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list