[tbb-bugs] #27580 [Applications/Tor Browser]: Tor Browser 8.0 lacks fingerprint hiding feature
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Sep 8 23:03:39 UTC 2018
#27580: Tor Browser 8.0 lacks fingerprint hiding feature
-------------------------------------+-------------------------------------
Reporter: aka | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor | Version:
Browser | Keywords:
Severity: Critical | fingerprint,browser,original,notsecure
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
-------------------------------------+-------------------------------------
I recently surfed to https://panopticlick.eff.org/ and looked out for my
Tor Browser Bundle fingerprint.
I'm using TBB on my 64-bit Linux machine, so the result was '''Mozilla/5.0
(X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0''' instead of
some kind of "faked" fingerprint that shows that my machine would be a
Microsoft Windows computer.
I ran the same test in the previous version of TBB that I had before the
update procedure gave me the 8.0 version, I didn't had the bug that my
original browser fingerprint was leaked to the server I was connecting to.
I downloaded TBB 8.0 also as a fresh instance from torproject.org with
''the same'' result.
This breaks anonymity because a web server knows your real system &
architecture. I don't know if this is only the case for the Linux variant
of the browser because I don't have access to Mac OS or Windows machines
right now. I furthermore only tested the 64 bit variant.
I hope that this is not one of the new "features" that were included in
version 8.0 ...
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27580>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list