[tor-bugs] #13017 [Applications/Tor Browser]: Determine if AudioBuffers/OfflineAudioContext are a fingerprinting vector
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Jun 6 16:03:57 UTC 2016
#13017: Determine if AudioBuffers/OfflineAudioContext are a fingerprinting vector
-------------------------------------------------+-------------------------
Reporter: mikeperry | Owner:
Type: task | arthuredelstein
Priority: Very High | Status:
Component: Applications/Tor Browser | assigned
Severity: Critical | Milestone:
Keywords: tbb-fingerprinting-os, tbb-easy, | Version:
TorBrowserTeam201606 | Resolution:
Parent ID: | Actual Points:
Reviewer: | Points:
| Sponsor:
-------------------------------------------------+-------------------------
Comment (by boklm):
I have been running the https://audiofingerprint.openwpm.com/ test on one
computer with 3 different linux distributions using docker (so the same
kernel was used): Fedora 22, Debian Jessie, Debian Wheezy.
The `Fingerprint using DynamicsCompressor (sum of buffer values)` line was
the same in all cases: 35.74996018782258
The `Fingerprint using DynamicsCompressor (hash of full buffer)` was the
same on Fedora 22 and Debian Jessie:
158e8189a3551fe4f2e564ac377b0f1e588a1ab3
But it was different on Debian Wheezy:
205ae8bb7897e9c9faa399d83bbcdc704a9962a1
After putting a copy of a libm.so.6 from Fedora in the
Browser/TorBrowser/Tor/ directory and running it again on Wheezy, the
`hash of full buffer` value became the same as on the 2 other
distributions.
So it looks like the libm.so.6 used affects the `hash of full buffer`.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13017#comment:29>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list