[tor-bugs] #31667 [Applications/Tor Browser]: NAvigator object leaking OS, again?
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Oct 23 06:37:26 UTC 2019
#31667: NAvigator object leaking OS, again?
--------------------------------------+---------------------------
Reporter: op_mb | Owner: tbb-team
Type: defect | Status: closed
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution: duplicate
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------------+---------------------------
Description changed by gk:
Old description:
> hey all,
>
> tor browser version 8.5.5 in tails os, navigator object leaks OS,
>
> // you need to modify these
> navigator.userAgent
> navigator.appVersion
> navigator.buildID
> navigator.osCPU
> navigator.platform
> //
>
> here's the ticket (with pics), they redirected me to you:
>
> https://redmine.tails.boum.org/code/issues/16999
> (look at the pics i uploded there)
>
> i've read the other tickets here, about fingerprinting, point is, that,
> automated scripts will vector attacks based on platform, so this is just
> opening an attack vector
>
> cheers!
New description:
hey all,
tor browser version 8.5.5 in tails os, navigator object leaks OS,
you need to modify these
{{{
navigator.userAgent
navigator.appVersion
navigator.buildID
navigator.osCPU
navigator.platform
}}}
here's the ticket (with pics), they redirected me to you:
https://redmine.tails.boum.org/code/issues/16999
(look at the pics i uploded there)
i've read the other tickets here, about fingerprinting, point is, that,
automated scripts will vector attacks based on platform, so this is just
opening an attack vector
cheers!
--
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31667#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list