[tbb-bugs] #26607 [Applications/Tor Browser]: verify that subpixel accuracy of window scroll properties does not add fingerprinting risk
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Apr 23 08:26:05 UTC 2019
#26607: verify that subpixel accuracy of window scroll properties does not add
fingerprinting risk
-------------------------------------------------+-------------------------
 Reporter:  mcs                                  |          Owner:  tbb-team
     Type:  defect                               |         Status:  new
 Priority:  High                                 |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tbb-fingerprinting, ff60-esr,        |  Actual Points:
  TorBrowserTeam201904                           |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------
Comment (by acat):

Replying to [comment:20 Thorin]:
> more from Arthur, including an old patch/solution:
> https://bugzilla.mozilla.org/show_bug.cgi?id=1216800 "some chrome code may
> be incorrectly receiving spoofed devicePixelRatio"

Thanks, although I think that one refers to the fact that devicePixelRatio
should not be spoofed internally in Firefox privileged pages. Here the
problem is that it can be guessed in normal pages (via some side-channels)
and it should not.

Perhaps this one could be closed as duplicate of #29564, since everything
that can be measured via `window.scrollXY` can also be obtained via
`document.body.getBoundingClientRect()` or similar.

For the concrete case of using the scroll+(getClientRects or scrollY) to
guess the real `window.devicePixelRatio`, I do not see a good solution.
Rounding values does not solve it completely because it should be possible
to slowly nudge elements to guess the actual subpixel value (as suggested
by @tom in an email). Another possibility could be to make sure scroll is
done in "CSS pixels" (currently scroll seems to be done in "physical
pixels", 1 scroll pixel is 1/devicePixelRatio CSS pixels, and that's where
the measured subpixel values come from). If we think this is critical
enough perhaps the effort might be justified, but not sure.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26607#comment:21>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
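
Added example (not part of the ticket or of Tor Browser's code): a small model for comparing the two mitigations discussed in the comment above, by counting how many devicePixelRatio values stay distinguishable to a page under each. The snapping model, the function names, the probe step and the sample ratios are all assumptions made for illustration; real browser scroll behaviour is more involved.

```javascript
// Assumed model, taken from the comment's description: a scroll request for
// `target` CSS px lands on the nearest physical pixel, i.e. on a multiple of
// 1/dpr CSS px.
function physicalSnap(target, dpr) {
  return Math.round(target * dpr) / dpr;
}

// Each behaviour returns the scroll offset a page could read back.
const behaviours = {
  // Subpixel value exposed as-is.
  raw: (target, dpr) => physicalSnap(target, dpr),
  // Mitigation 1: scroll still snaps to physical pixels, only the
  // reported value is rounded to a whole CSS pixel.
  roundedReport: (target, dpr) => Math.round(physicalSnap(target, dpr)),
  // Mitigation 2: the scroll itself is done in whole CSS pixels.
  cssPixelScroll: (target, _dpr) => Math.round(target),
};

// Constructed probe: scroll targets nudged in 1/64 CSS px steps over 3 px.
// 1/64 is exactly representable, so the .5 rounding boundaries are stable.
const TARGETS = Array.from({ length: 193 }, (_, k) => k / 64);

// Everything the page observes for one devicePixelRatio.
function signature(behaviour, dpr) {
  return TARGETS.map((t) => behaviour(t, dpr)).join(",");
}

// Number of distinct observation signatures across the given ratios.
// 1 means the ratios are indistinguishable through this channel.
function distinguishableClasses(behaviourName, dprs) {
  const behaviour = behaviours[behaviourName];
  return new Set(dprs.map((d) => signature(behaviour, d))).size;
}

// Constructed sample of ratios to compare.
const SAMPLE_DPRS = [1, 1.25, 1.5, 2];

for (const name of Object.keys(behaviours)) {
  console.log(name, distinguishableClasses(name, SAMPLE_DPRS));
}
```

In this model, rounding only the reported value leaves all four sample ratios distinguishable, because the position at which the rounded value flips still depends on the ratio; scrolling in whole CSS pixels collapses them to a single class.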