[tor-bugs] #17207 [Tor Browser]: Testing navigator.mimeTypes for known names can reveal info and increase fingerprinting risk
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Oct 2 00:46:52 UTC 2015
#17207: Testing navigator.mimeTypes for known names can reveal info and increase
fingerprinting risk
----------------------------+--------------------------
Reporter: TemporaryNick | Owner: tbb-team
Type: defect | Status: new
Priority: normal | Milestone:
Component: Tor Browser | Version:
Keywords: fingerprinting | Actual Points:
Parent ID: | Points:
Sponsor: |
----------------------------+--------------------------
I gathered a list of MIME Types from IANA and other sources. Then
explicitly used each type to check if navigator.mimeTypes[type] ===
undefined. I found that I could detect quite a few MIME Types in this
way. Including some types that are related to specific application
programs and/or peripheral devices.
I maxed the security slider, which disabled Javascript by default and
broke the test script. However, after I whitelisted the test script I was
able to achieve the same results.
I was testing Tor Browser 5.0.3 for Windows.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17207>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list