[tor-bugs] #29566 [Applications/Tor Browser]: math.cos reveals OS
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Apr 16 08:26:26 UTC 2019
#29566: math.cos reveals OS
--------------------------------------+---------------------------
Reporter: Thorin | Owner: tbb-team
Type: defect | Status: closed
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution: duplicate
Keywords: tbb-fingerprinting-os | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------------+---------------------------
Comment (by Thorin):
This is interesting: https://bugzilla.mozilla.org/show_bug.cgi?id=1380031
(FF68+)
Actual results:
`2.718281828459045`, `2.7182818284590455`, `false`
Expected results:
`2.718281828459045`, `2.718281828459045`, `true`
Note the extra decimal place. Now look at what I've been using for
exmp1(1)
windows/mac/android
`1.7182818284590455`
linux TB32bit, 64bit, Firefox 32bit linux:
`1.718281828459045`
Note the extra decimal place **and** the exact same decimal data.
So I wonder if what they did changes all the FP'ing that leaks 64/32
builds and 64/32 OS architecture.
Will have a play on 68 later. This doesn't affect any of the ECMAScript
1st Edition FP'ing, but may neutralize the 6th Edition ones (I found only
three equations that varied, the one above was one of them) - and both
editions were required to get the extra entropy.
Will advise - watch this space
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29566#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list