[tbb-bugs] #31887 [Applications/Tor Browser]: maximize warning panel entropy: can reveal app locale
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Sep 27 18:27:22 UTC 2019
#31887: maximize warning panel entropy: can reveal app locale
--------------------------------+------------------------------------------
Reporter: Thorin | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Component: Applications/Tor Browser
Version: | Severity: Normal
Keywords: tbb-fingerprinting | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------+------------------------------------------
I actually thought this had been addressed years ago (maybe it was?) but
something nagged me so I did a full test, and added the PoC.
**Note**:
- In #31598 when LB (letterboxing) is enabled, the warning panel is not
used
- `extensions.torbutton.maximize_warnings_remaining` cannot be `0`
- user has to initiate FS (I could cover the entire page with an element:
but they still have to click it)
- it only affects *some* locales, not all (but are the others robust to
future changes?)
- so effectively the risk should be fairly low, but then I can also see a
lot of users disabling LB (unless we do a better job of educating them:
see solutions), so the risk is higher (for those exposed)
**PoC**
- https://ghacksuserjs.github.io/TorZillaPrint/TorZillaPrint.html
- just click on the full screen test
- let the page load first: I had one test where the connection was a bit
slow and I clicked too early, and it was all a bit laggy, and I got back
418 pixels. I could fix that by waiting a little longer to grab the second
value, but not today.
**Observations**:
- `ja` and `ka` are unique
- `ar`, `fa`, `ko` and `zh-TW` create another bucket
- `mk` I can't test (#31725), and `ko` needs to be confirmed (#31886)
- Can we rely on previous chrome styling to remain consistent: see the
ESR60 `ka` was `42` pixels like most other languages, but it did not
migrate to `40` pixels in ESR68 like most other languages.
**Beware**:
- I only tested at default 1000px width. The length of each localized
message is not the same, so smaller windows (e.g. on smaller screens: are
there any?) would provide more entropy, as some would invoke a second or
third line and others not.
- Similarly, if users resize the browser, some 2-liners will become one
while others won't: but users should not resize the browser unless they
have LBing (in which case, the warnings are disabled)
**Obligatory Pic**:
- see attachment: The ESR60 based ones are for nostalgia's sake, as I
upgraded my language test suite :)
**Possible Solutions**:
- lock the LB pref in the future
- make the warning panel the same height somehow: e.g. just force it to be
100px high or something.
- ditch the panel UX (or enhance it?) and use a different medium: end-user
education: I have some other ideas but no idea how feasible they are, and
they tie into informing the user about LB'ing/resizing/maximizing/FS: all
in one hit
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31887>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
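
Added example, not part of the original ticket or of Tor Browser's code: a small regression check that buckets locales by warning-panel height, lists the locales that end up alone in a bucket, and shows that the fixed-height mitigation proposed in the ticket collapses everything into one bucket. All pixel heights, the locale list beyond those named in the ticket, and the function names are constructed for illustration.

```javascript
// Constructed sample data: panel height in px per app locale.
// The bucket membership follows the ticket's observations; the pixel
// values themselves are placeholders, not measurements from the ticket.
const sampleHeights = {
  "en-US": 40, de: 40, fr: 40, es: 40, ru: 40, it: 40,
  ar: 41, fa: 41, ko: 41, "zh-TW": 41,
  ja: 43,
  ka: 42,
};

// Group locales that produce the same observable panel height.
function bucketByHeight(heights) {
  const buckets = new Map();
  for (const [locale, px] of Object.entries(heights)) {
    if (!buckets.has(px)) buckets.set(px, []);
    buckets.get(px).push(locale);
  }
  return buckets;
}

// Average bits leaked by the height, assuming (for illustration only)
// that every locale in the table is equally likely.
function entropyBits(buckets) {
  const total = [...buckets.values()].reduce((n, b) => n + b.length, 0);
  let bits = 0;
  for (const b of buckets.values()) {
    const p = b.length / total;
    bits -= p * Math.log2(p);
  }
  return bits;
}

// Locales whose height is shared with no other locale.
function uniqueLocales(buckets) {
  return [...buckets.values()]
    .filter((b) => b.length === 1)
    .map((b) => b[0])
    .sort();
}

// Model of the "force the panel to one height" mitigation.
function withFixedHeight(heights, px) {
  return Object.fromEntries(Object.keys(heights).map((l) => [l, px]));
}

const before = bucketByHeight(sampleHeights);
const after = bucketByHeight(withFixedHeight(sampleHeights, 100));
console.log("unique:", uniqueLocales(before), "bits:", entropyBits(before).toFixed(2));
console.log("after fix, buckets:", after.size, "bits:", entropyBits(after));
```

Rerunning the same bucketing at several window widths would cover the line-wrapping case the ticket warns about.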