[tor-dev] TBB Memory Allocator choice fingerprint implications
Patrick Schleizer
patrick-mailinglists at whonix.org
Mon Aug 19 16:11:00 UTC 2019
Btw Hardened Malloc does not require recompilation of TBB.
Compilation of Hardened Malloc is easy.
https://github.com/GrapheneOS/hardened_malloc
It then can be used with TBB or any application using LD_PRELOAD
environment variable.
LD_PRELOAD='/path/to/libhardened_malloc.so' /path/to/program
Just now created:
consider using Hardened Malloc for better security in TBB
https://trac.torproject.org/projects/tor/ticket/31440
Tom Ritter:
> On Sat, 17 Aug 2019 at 15:06, procmem at riseup.net <procmem at riseup.net> wrote:
>> Question for the Tor Browser experts. Do you know if it is possible to
>> remotely fingerprint the browser based on the memory allocator it is
>> using? (via JS or content rendering)
>
> Fingerprint what aspect of the browser/machine?
Browser web fingerprinting. The fingerprint that remote websites can see.
Can web servers guess that a different memory allocator (Hardened
Malloc) is being used due to difference in performance or other glitches?
Cheers,
Patrick
More information about the tor-dev
mailing list