[tor-bugs] #10400 [TorBrowserButton]: Provide "New Identity" option that uses session restore

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Dec 20 05:33:07 UTC 2013 

#10400: Provide "New Identity" option that uses session restore
----------------------------------+---------------------------------------
     Reporter:  mikeperry         |      Owner:  mikeperry
         Type:  enhancement       |     Status:  new
     Priority:  major             |  Milestone:
    Component:  TorBrowserButton  |    Version:
   Resolution:                    |   Keywords:  tbb-usability, tbb-newnym
Actual Points:                    |  Parent ID:
       Points:                    |
----------------------------------+---------------------------------------

Comment (by mikeperry):

 Replying to [comment:4 gk]:
 > Replying to [comment:3 gk]:
 > > Replying to [ticket:10400 mikeperry]:
 > > > People routinely request a New Identity option that doesn't close
 all of their tabs. Unfortunately, this is not really possible to implement
 while still clearing all of the tracking-related browser state.
 > >
 > > What blockers do you have in mind if one tries to take that road?
 >
 > After thinking a while about it I suppose I should be more precise with
 my question: What issues do you have in mind that are solvable by the
 session restore approach but not by leaving tabs open after clearing
 tracking-related browser state?

 The session restore approach defends against invisible tracking. If we
 left tabs live and fully open while clearing the cache, cookies, HTTP
 auth, etc, then javascript and other dynamic elements (CSS) are still
 present and still have access to any dynamically generated identifiers,
 and these identifiers will easily find their way back into the cache, and
 have a number of other vectors to embed persistent tracking identifiers
 that are invisible to the user.

 In theory, adversaries could encode identifiers in the first party urls
 stored in the session store. However, if we only allow url bar urls to be
 stored (and no cache, DOM storage, etc), then such tracking is at least
 limited to what is visible, and only to first party tracking (and
 hopefully that will be rare, due to its visibility and cumbersome nature).

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10400#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list