[tor-bugs] #10419 [Firefox Patch Issues]: Can requests to 127.0.0.1 be used to fingerprint the browser?
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Jan 21 17:36:27 UTC 2014
#10419: Can requests to 127.0.0.1 be used to fingerprint the browser?
--------------------------------------+--------------------------------
Reporter: mikeperry | Owner: mikeperry
Type: task | Status: new
Priority: major | Milestone:
Component: Firefox Patch Issues | Version:
Resolution: | Keywords: tbb-fingerprinting
Actual Points: | Parent ID:
Points: |
--------------------------------------+--------------------------------
Comment (by oc):
If I understand correctly, this ticket is about evaluating localhost
fingerprinting risks, which is all good. #10686 was about considering
''any'' clear-text request to localhost a breach to TBB's proxy obedience
requirement (disregarding whether good fingerprinting can be achieved or
not). The difference becomes obvious when one considers CUPS, or any other
HTTP service may run on TBB's host.
Max Jacob Maass has put up a test page:
* http://62.141.42.149/test.php
* http://ehlznccisf5mnhw2.onion/test.php
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10419#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list