[tor-bugs] #15646 [Tor Browser]: KeyboardEvent may allow fingerprinting of keyboard layout

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Jul 28 15:25:04 UTC 2015 

#15646: KeyboardEvent may allow fingerprinting of keyboard layout
-------------------------+-------------------------------------------------
     Reporter:           |      Owner:  arthuredelstein
  cypherpunks            |     Status:  needs_review
         Type:  defect   |  Milestone:
     Priority:  major    |    Version:
    Component:  Tor      |   Keywords:  ff38-esr, tbb-fingerprinting, tbb-5
  Browser                |  .0a-highrisk, TorBrowserTeam201507R,
   Resolution:           |  GeorgKoppen201507R
Actual Points:           |  Parent ID:
       Points:           |
-------------------------+-------------------------------------------------

Comment (by gk):

 Replying to [comment:25 arthuredelstein]:
 > Replying to [comment:23 gk]:
 >
 > > This looks better now. But we should give default values for `altKey`
 and `ctrlKey` as well (maybe even `metaKey`, too?) as not doing so might
 reveal the underlying keyboard layout (or maybe better: it might exclude
 possible keyboard layouts) as well:
 > >
 > > German keyboard layout
 > >
 > > {{{
 > > event = keydown
 > > key = |
 > > charCode = 0
 > > which = 220
 > > code = Backslash
 > > keyCode = 220
 > > location = 0
 > > altKey = true
 > > ctrlKey = true
 > > metaKey = false
 > > shiftKey = true
 > > }}}
 >
 > I think you're right that we need to spoof the ALT key state. (I've done
 so in the new patch.) But I'm not so sure about the META and CTRL keys --
 aren't these only used for non-printing commands? Correct me if I'm wrong.

 Good question. That could be for the META key. I don't know how it works.
 The funny thing wrt `ctrlkey` is that I did not press that one in my
 example above on the german keyboard. I actually just pressed the right
 ALT key as modifier key, yet still CTRL showed up as true. I had hopes we
 can avoid that by making the return value for `ctrlkey` uniform as well in
 this case by spoofing the CTRL key state. But maybe doing so for the ALT
 key might already be enough. I'd need to test that with your new patch
 first.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15646#comment:28>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list