[tor-bugs] #6293 [Flashproxy]: Disable self when running in Tor browser

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Nov 21 14:23:40 UTC 2012 

#6293: Disable self when running in Tor browser
------------------------+---------------------------------------------------
 Reporter:  dcf         |          Owner:  dcf
     Type:  defect      |         Status:  new
 Priority:  normal      |      Milestone:     
Component:  Flashproxy  |        Version:     
 Keywords:              |         Parent:     
   Points:              |   Actualpoints:     
------------------------+---------------------------------------------------

Comment(by jct):

 First part [1], trying to detect that the proxy is running in a Tor
 Browser:

 Here is a candidate script in order to get the Tor Browser fingerprint:

 {{{
 function tor_browser_fingerprint() {
      var isTB = false;

      try { var t1 = false, resFunction = Components.lookupMethod(this,
 'window'); } catch (err) { if( err.message.indexOf("Permission denied") !=
 -1 ) t1 = true;}

      try { var t2 = false, resObject = Components.interfaces.nsITimer; }
 catch (err) { if( err.message.indexOf("Permission denied") != -1 ) t2 =
 true;}

      if ( t1 && t2 && (navigator.userAgent == "Mozilla/5.0 (Windows NT
 6.1; rv:10.0) Gecko/20100101 Firefox/10.0") &&
 (navigator.platform.indexOf("Win32") != -1) && (sessionStorage === null)
 && (navigator.mimeTypes.length == 0) && ((navigator.plugins.length == 0)
 || (navigator.plugins.length == 1 && navigator.plugins[0].name ==
 "Shockwave Flash") ) )
           isTB = true;

      return isTB; }
 }}}

 The logic behind this code comes from the design of the Tor Browser:
 https://www.torproject.org/projects/torbrowser/design/ :

 {{{
    * Block '''Components.interfaces''' and '''Components.lookupMethod'''
    * A fixed '''userAgent''' string
    * Regardless of the actual operating system, the browser is reporting
 the Windows OS
    * Entirely disable DOM storage
    * Not listing the supported MIME types
    * Not allowing plugins or only allowing Flash
 }}}

 I suppose that is enough with checking the '''userAgent''' string, but the
 others may be needed to decrease the amount of false positives.

 I'm attaching an extended version of the proposed script (the attached one
 is a bit more polite and modular, but essentially does the same as the
 shorter version that is displayed above.

 [1] The second part is to detect that the proxy is already in the Tor
 Network, not checking if it is running in a Tor Browser, but checking if
 the proxy reported IP matches with a Tor Exit node.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6293#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list