[tbb-dev] Is JS monkey patching viable as a fingerprinting countermeasure?

Arthur D. Edelstein arthuredelstein at gmail.com
Mon Sep 22 06:19:21 UTC 2014


> That said, if you see a clean way to create an API to do secure script
> injection and feel like hacking it up real quick, feel free. It may
> prove useful eventually, but I suspect we'll uncover a whole slough of
> surprises once we actually try to use it. We'll probably also need
> regression tests in-tree for every single function/callback/property we
> hook, to make sure that an implementation change doesn't suddenly break
> our ability to hook something in the way we want.

As an experiment, I came up with a very simple JS module that lets you
inject a script to overwrite arbitrary members of the global "window"
object, before any content is loaded. The trick is listening for
"content-document-global-created" notifications, as described in
https://developer.mozilla.org/en-US/docs/Observer_Notifications#Documents.

If anyone is interested, you can see the injection code at
https://github.com/arthuredelstein/torbutton/blob/f138fa2a5e/src/chrome/content/patch-content-globals.js
and there's an example of the script to be injected at
https://github.com/arthuredelstein/torbutton/blob/f138fa2a5e/src/chrome/content/content-sanitizer.js
(The latter script is one way to solve #5926, though my final
implementation is a C++ patch.)
Of course, all of Mike and Georg's caveats about JS hooks apply here.
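The sanitizer side of the approach described above, as an added example that is not part of this post or of the torbutton code linked to it: it models the injected script's job (overwriting members of the content window before the page runs) on a plain object so it runs under Node, and leaves out the Firefox observer plumbing ("content-document-global-created", the sandbox or wrappedJSObject step) entirely. The point it illustrates is one of the JS-hook caveats the post alludes to: browser properties such as navigator.userAgent live as getters on a prototype, so a patch that only shadows them on the instance leaves the original getter reachable, while a patch that redefines the property where it actually lives, as non-writable and non-configurable, does not. All names (makeWindow, naivePatch, hardenedPatch, the "UniformBrowser" value) are constructed for the example.

```javascript
// Constructed stand-in for a content window: like a real browser, the
// Navigator properties are getters on the prototype, not own properties.
// A fresh class per window keeps patched prototypes from leaking between runs.
function makeWindow() {
  class Navigator {
    get userAgent() { return "RealBrowser/1.0 (real platform)"; }
    get platform() { return "RealOS x86_64"; }
  }
  return { navigator: new Navigator(), screen: { width: 1920, height: 1080 } };
}

// Naive sanitizer: define a value on the instance only. Direct reads see the
// override, but the prototype getter is untouched and still reachable.
function naivePatch(win, overrides) {
  for (const [path, value] of Object.entries(overrides)) {
    const [objName, prop] = path.split(".");
    Object.defineProperty(win[objName], prop, { value, configurable: true });
  }
}

// Hardened sanitizer: walk the prototype chain to the object that owns the
// property, replace it there and on the instance, and make both replacements
// non-writable and non-configurable so content cannot reassign or delete them.
function hardenedPatch(win, overrides) {
  for (const [path, value] of Object.entries(overrides)) {
    const [objName, prop] = path.split(".");
    const target = win[objName];
    let owner = target;
    while (owner && !Object.prototype.hasOwnProperty.call(owner, prop)) {
      owner = Object.getPrototypeOf(owner);
    }
    for (const obj of new Set([owner || target, target])) {
      Object.defineProperty(obj, prop, {
        value, writable: false, configurable: false, enumerable: true,
      });
    }
  }
}

// Regression check for the sanitizer: read the property through whatever the
// prototype chain still holds, bypassing any own property on the instance.
// If this returns the real value, the patch has a hole.
function readViaPrototype(obj, prop) {
  let owner = Object.getPrototypeOf(obj);
  while (owner) {
    const desc = Object.getOwnPropertyDescriptor(owner, prop);
    if (desc) return desc.get ? desc.get.call(obj) : desc.value;
    owner = Object.getPrototypeOf(owner);
  }
  return undefined;
}

// Apply both sanitizers to fresh windows and report what content would see.
function demo() {
  const overrides = {                       // constructed uniform values
    "navigator.userAgent": "UniformBrowser/1.0",
    "navigator.platform": "UniformOS",
    "screen.width": 1000,
  };
  const naive = makeWindow();
  naivePatch(naive, overrides);
  const hard = makeWindow();
  hardenedPatch(hard, overrides);

  // Content trying to undo the hardened patch: assignment and delete both
  // fail (silently in sloppy mode, with a TypeError in strict mode).
  try { hard.navigator.userAgent = "Tampered/1.0"; } catch (e) { /* expected in strict mode */ }
  try { delete hard.navigator.userAgent; } catch (e) { /* expected in strict mode */ }

  return {
    naiveDirect: naive.navigator.userAgent,            // override
    naiveLeak: readViaPrototype(naive.navigator, "userAgent"), // real value leaks
    hardDirect: hard.navigator.userAgent,              // override
    hardLeak: readViaPrototype(hard.navigator, "userAgent"),   // override, no leak
    hardScreenWidth: hard.screen.width,
  };
}

console.log(demo());
```

The readViaPrototype check is the kind of in-tree regression test the quoted message asks for: run it against every hooked property after the sanitizer has executed, and any result equal to the real value flags a member the hook did not actually cover.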
