[tor-bugs] #27672 [Applications/Tor Browser]: User-agent OS info leak
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Sep 12 19:43:32 UTC 2018
#27672: User-agent OS info leak
------------------------------------------+----------------------
Reporter: time_attacker | Owner: tbb-team
Type: defect | Status: new
Priority: Immediate | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Blocker | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
------------------------------------------+----------------------
Tor Browser 8.0 on Linux has user-agent
Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0
I also suspect Windows/MacOS version is leaked through UA. This behavior
can aid fingerprinting or vulnerability exploitation.
Tor Browser 7.x.x and before had one single Windows user-agent even on
Linux platforms, only Android (Orfox) had other UA.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27672>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list