[tor-bugs] #10286 [Applications/Tor Browser]: Touch events leak absolute screen coordinates
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed May 3 14:05:18 UTC 2017
#10286: Touch events leak absolute screen coordinates
-------------------------------------------------+-------------------------
Reporter: mikeperry                              | Owner: arthuredelstein
Type: defect                                     | Status: needs_revision
Priority: High                                   | Milestone:
Component: Applications/Tor Browser              | Version:
Severity: Normal                                 | Resolution:
Keywords: tbb-fingerprinting-resolution,         | Actual Points:
  ff52-esr, tbb-testcase, tbb-firefox-patch,     |
  tbb-7.0-must-alpha, TorBrowserTeam201705       |
Parent ID:                                       | Points:
Reviewer:                                        | Sponsor: Sponsor4
-------------------------------------------------+-------------------------
Changes (by gk):
* keywords:
    tbb-fingerprinting-resolution, ff52-esr, tbb-testcase, tbb-firefox-patch, tbb-7.0-must-alpha, TorBrowserTeam201705R
    =>
    tbb-fingerprinting-resolution, ff52-esr, tbb-testcase, tbb-firefox-patch, tbb-7.0-must-alpha, TorBrowserTeam201705
* status: needs_review => needs_revision
Comment:
Replying to [comment:25 arthuredelstein]:
> I have thought some more and I now think my reasoning in comment:24 is
> wrong. Some laptop/desktop users will be using a touch screen or stylus
> frequently, which means that two such sessions can be positively
> correlated. That means we have allowed some fingerprinting, even if a
> third session where the Touch API is not used cannot be positively linked
> to the first two.
>
> So now I am inclined to disable the Touch API altogether. Here's a new
> branch with 3 patches. The first simply disables the pref. The next two
> patches are the same as before (censoring the true screenX, etc.); the
> latter two are included as a possible defense in depth, in case the Touch
> API gets activated by the user or by us in the future, but those patches
> are not absolutely necessary.
>
> https://github.com/arthuredelstein/tor-browser/commits/10286+2
I think the approach is okay for now. We might want to think harder
whether we want to enable touch support in the future by default and rely
only on the spoofing.
Arthur: Did you run the test? It seems it passes/fails depending on the
platform, which seems suboptimal. If that's the case, can you fix that? Then
there is a typo: 100286 (we don't have 6-digit bug numbers yet). I got
confused by the pointer event references, in particular
https://bugzilla.mozilla.org/show_bug.cgi?id=1000870 in the test. Is that
the way to write tests for touch event related things?
FWIW: I did not compile the code yet nor did I run a Tor Browser with the
patches.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10286#comment:28>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
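The following is an added example, not code from the ticket or from the Tor Browser patches linked above. It models the leak the ticket is about (Touch.screenX/screenY are absolute screen coordinates, so screenX - clientX reveals where the browser window sits on the physical screen) and the two mitigations the quoted reply describes: spoofing the screen coordinates, and disabling the Touch API so the TouchEvent constructor is absent. The touch points are constructed sample data, the window objects are stand-ins for a real page's global object, and the pref name mentioned in a comment is an assumption (the ticket text does not name it).

```javascript
// Added example, not code from the ticket or from Tor Browser's patches.
// Models Touch.screenX/screenY leaking the window's screen position, and
// the two mitigations discussed: spoofing the coordinates, and disabling
// the Touch API outright.

// Constructed sample touch points, shaped like W3C Touch objects as a page's
// touchstart handler would see them. The numbers are made up.
const SAMPLE_TOUCHES = [
  { identifier: 0, clientX: 120, clientY: 80,  screenX: 1400, screenY: 530 },
  { identifier: 1, clientX: 300, clientY: 200, screenX: 1580, screenY: 650 },
];

// The leak: screenX - clientX is the content area's left edge on the physical
// screen, screenY - clientY its top edge. Both are stable within a session
// and differ between users, so they act as a fingerprint. Returns null when
// screen and client coordinates coincide, i.e. when nothing leaks.
function windowOffsetFromTouch(t) {
  const dx = t.screenX - t.clientX;
  const dy = t.screenY - t.clientY;
  return dx === 0 && dy === 0 ? null : { dx, dy };
}

// A page only needs one point of a multi-touch event, since every point of
// the same event yields the same offset. Returns null if no point leaks.
function leakedWindowOffset(touches) {
  for (const t of touches) {
    const off = windowOffsetFromTouch(t);
    if (off !== null) return off;
  }
  return null;
}

// Mitigation 1, the behaviour the reply describes for the spoofing patches:
// report client coordinates in place of the true screen coordinates.
function spoofScreenCoords(t) {
  return { ...t, screenX: t.clientX, screenY: t.clientY };
}

// Mitigation 2, the pref approach: with the Touch API disabled there is no
// TouchEvent constructor on the page's global object. A test has to gate on
// this, which is also why a touch test can pass or fail by platform: a
// platform without touch support has no TouchEvent to construct either.
// (Assumption: the Firefox pref involved is dom.w3c_touch_events.enabled.)
function touchApiAvailable(win) {
  return typeof win.TouchEvent === "function";
}

// Regression check a test could make: if the API is available, no touch point
// of a dispatched event may reveal a window offset.
function touchEventLeaks(win, touches) {
  if (!touchApiAvailable(win)) return false; // API disabled: nothing to test
  return leakedWindowOffset(touches) !== null;
}

// Stand-alone run with the constructed data. The window objects are stand-ins
// for a page's global with and without the Touch API enabled.
const winWithTouch = { TouchEvent: function TouchEvent() {} };
const winWithoutTouch = {};
console.log("raw offset:", leakedWindowOffset(SAMPLE_TOUCHES));                        // { dx: 1280, dy: 450 }
console.log("spoofed offset:", leakedWindowOffset(SAMPLE_TOUCHES.map(spoofScreenCoords))); // null
console.log("leaks with API on:", touchEventLeaks(winWithTouch, SAMPLE_TOUCHES));      // true
console.log("leaks with API off:", touchEventLeaks(winWithoutTouch, SAMPLE_TOUCHES));  // false
```

The platform dependence gk asks about shows up in touchApiAvailable: a test that constructs a TouchEvent unconditionally will throw on a platform where the API is absent, so the availability gate belongs in the test, and the spoofing check only runs behind it.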