[tor-bugs] #19199 [Applications/Tor Browser]: Completely disable canvas content and related warning popup based on Security Slider setting
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun May 29 14:59:35 UTC 2016
#19199: Completely disable canvas content and related warning popup based on
Security Slider setting
-------------------------------------+-------------------------------------
Reporter: cypherpunks | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor | Version:
Browser | Keywords: privacy, anonymity,
Severity: Normal | fingerprinting
Actual Points: | Parent ID: #18027
Points: | Reviewer:
Sponsor: |
-------------------------------------+-------------------------------------
Canvas-based fingerprinting is a potent threat to anonymity. I believe it
does not make sense to have it potentially enabled (following a popup
dialog) at elevated Security Slider settings, and even with the Security
Slider on "High," and probably also on Medium-High, Medium, and
potentially Medium-Low.
Fingerprintable canvas content (and its related popup) should be
completely disabled when the Security Slider is at one of these elevated
settings, and it should be transparent to the user. It may make sense to
still present the icon in the address bar so that it can be enabled
manually, on a per-site or per-page basis, if a user needs this feature.
Thank you all so much.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19199>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list