[tor-bugs] #18379 [Tor Browser]: Mouse Tracking Defenses in Tor Browser
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Mar 14 11:40:35 UTC 2016
#18379: Mouse Tracking Defenses in Tor Browser
-------------------------+--------------------------
Reporter: cypherpunks | Owner: tbb-team
Type: enhancement | Status: new
Priority: Very High | Milestone:
Component: Tor Browser | Version:
Severity: Critical | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------+--------------------------
Comment (by cypherpunks):
No, because not just short-time timing, but also cursor location, speed,
direction and long-time timing are involved.
Some of the related fingerprinting methods are not easy to defend against.
e.g. User A tends to click here after opening a link, etc. With recent
advances in machine learning (e.g. deep learning) this kind of information
is more valuable.
With that said, however, we can limit cursor position data without causing
a major break because most important event handlers listen on click,
mouseover, etc. Of course it may for example cause a glitch in script-
generated tooltips.
Possibly, what is the easiest is making mouse position data opt-in in
higher security settings (slider), like `canvas` data extraction.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18379#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list