> On 03/01/12 16:44, Øyvind Sæther wrote: >> Just ignore the Browser bundle bullshit, that's for stupid Windows >> users and pointless on *nix systems. > > There's a good reason still to use the Tor Browser: it provides a > "standard" environment which is the same as every* other Tor user's. > Safety in numbers is never truer than with anonymity; compare with the > Black Bloc tactic often used at demonstrations. If everyone looks the > same it's much harder to identify individuals. > > As soon as you use your own browser (stock Firefox, LWP::UserAgent, > whatever) you reduce your anonymity group substantially. If you're > unlucky you may have a unique browser fingerprint. And surprisingly you > don't need to be that unlucky for it to happen. Modern browsers leak A > LOT of information. And building a custom browser that doesn't leak will > make you stand out even more - unless we all use the same custom > browser, of course... >
I think you nailed it. The key is consistency between users. There are enough differences even with users running the same software. The TBB runs on multiple platforms with multiple screen resolutions and multiple different updates that even with the TBB you can stand out as unique. It has occurred to me that it may be wise to dedicate a computer to Tor entirely and not use it for anything non-Tor necessary. At least then it isn't possible or much more difficult to fingerprint users between Tor and non-Tor use. Even then there could still be ways to fingerprint and connect a user. Your ISP, your modem, and other latency or surfing particularities. Do you always spell a particular set of words wrong? Or do you always spell every word right? _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
