[tbb-dev] Tor browser fingerprint with javascript enabled problem
Anton Luka Šijanec
anton at sijanec.eu
Wed Sep 30 14:01:54 UTC 2020
On 29.09.2020 17:23, Matthew Finkel wrote:
> On Sat, Sep 26, 2020 at 11:31:46AM -0700, joel04g_t535e at secmail.pro
> wrote:
>>
>> With javascript enabled, websites can know If you use linux or
>> windows. In
>> my opinion, this is more information than a website should have.
>>
>> As a linux user, I visited panopticlick.eff.org and did the browser
>> fingerprint test. The results revealed my platform to be "Linux
>> x86_64".
>>
>> Is there a way that Tor devs can make Tor browser spoof this value to
>> be
>> the same for all users or random, regardless of OS?
>
> No, not easily. There is the semi-easy OS leak in the web API where Tor
> Browser provides the correct OS in |navigator.useragent|.
So addons that change the user agent should be enough, right? Or if not
that, why would setting the about:config value
devtools.responsive.userAgent not be sufficient?
--
Anton Luka Šijanec
https://šijanec.eu/
+38 6 64/176-345
anton at sijanec.eu (mail, xmpp & sip)
https://šijanec.eu/pgp-key.txt?F4C3E3A4DFB7254397A9F993E76135F49802CD14
More information about the tbb-dev
mailing list