Having a unique, or unique enough browser fingerprint would allow website owners and content network providers to track a TOR user across nodes and/or sessions. With a large enough CDN (facebook, etc) you could reasonably de-anonymize a user.
On 2015-09-26 12:44, Jeremy Rand wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > On 09/26/2015 06:38 PM, behnaz Shirazi wrote: > Also, if you want true undetectability you need to install a Tor instance and > your OS for TBB in seperate VMs and setup the Tor VM to be a transparent > router for your OS, so even if java/flash/exploit is executed, it doesn't > leak your real IP, since even your OS in the VM is forced through Tor. No I > don't talk about anonymity, I'm asking to fix detectability. destination > website shouldn't be able to detect user is using TBB, some people think only > problematic guys use TBB and Detecting it cause a lots of problems in > different scenarios (in my own case, for some reasons i'm worry about > QUANTUM_INSERT like programs that can automatically attack me if they think > i'm a suspicious user) Maybe I'm not understanding you, but given that all TBB users are already distinguishable from other users since their IP address is a Tor exit, I'm not seeing how TorBrowser having a different fingerprint from other browsers is a problem. The important thing is that TorBrowser users have the same fingerprint as each other, which the TorBrowser devs seem to be doing a good job on. Cheers, - -Jeremy Rand -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJWBvWBAAoJEAHN/EbZ1y06EoQP/2s4V0dsGFyism2rSSpsd6fo gt0a40kLdIBb2wegtYbpWtjdL2N9hvc6HWgcobwrN0e8gxgMdTNrUtd5Ert71/0n Lfwb9M1WN4s6QWFHxpdEpKxR+Ek81JCBLAVq2ukgcXwFo93oHibZQP6Z6aQOanOf 1CC9qsnpYBGHmlOH1jEBqsB6q9fyMNAHkhPH5fFtJMoutdmcfwTekL1P6Tilt+i7 68OT1gyaEtOJDHaIJWdTx3GTS0t3IdPKngpJfGmNte+NBJlaEyAg1E1pRb5jFqJ2 DIJYb+0h+LYVLgaWfMJ6EdUp1nivhXzBZjb7TpKWJNIBcVLibbJQ8TIgiWXixnQS xyYZYM+WM26PNyXt/Q1POZri9AnS6hCenvHJob6QpZ4qI0dr4btxuf8k+O+0E3zI 0SPmgH41TS4aP/haxolYZRQgDg8PrdC87U6hSlSK5iYSNlWYYL88TsAFSFQ9ytVq y5tBQNW+uVSJSO+XySQ8G7rAfWhdDWCJKBFrx/EdXI1J4AAZrouV5NOcqWUrqR/k RBWW0/7u1uzXDBF+4eqy2nq3/RG1BBWklmnSWant39OeNYnHIL2fyAHzVNpG7KAK /oHn6h7LerdplTZGe1PPkVpfrl3Tx18IXjMuOCmJcdqNL0ee41dkOwJWNcBoo3Pw u5bcYaeK6uYJJMJWMLOR =HCiV -----END PGP SIGNATURE----- -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
