Delivery-Date: Wed, 30 Jul 2014 10:13:05 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.3 required=5.0 tests=BAYES_00,FREEMAIL_FROM,
	FROM_LOCAL_NOVOWEL,RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD autolearn=ham
	version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 3E54A1E04AD;
	Wed, 30 Jul 2014 10:13:04 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id BCDA030978;
	Wed, 30 Jul 2014 14:13:01 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 72BFD30977
 for <tor-talk@lists.torproject.org>; Wed, 30 Jul 2014 14:12:58 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at eugeni.torproject.org
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id MjXcq_v2snzQ for <tor-talk@lists.torproject.org>;
 Wed, 30 Jul 2014 14:12:58 +0000 (UTC)
Received: from mout.gmx.com (mout.gmx.com [74.208.4.201])
 (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id 53FAF30964
 for <tor-talk@lists.torproject.org>; Wed, 30 Jul 2014 14:12:58 +0000 (UTC)
Received: from [127.0.0.1] ([99.190.181.188]) by mail.gmx.com (mrgmxus002)
 with ESMTPSA (Nemesis) id 0M4HBd-1WMJfw1JAJ-00rsXB for
 <tor-talk@lists.torproject.org>; Wed, 30 Jul 2014 16:12:55 +0200
Message-ID: <53D8FD47.6010702@gmx.com>
Date: Wed, 30 Jul 2014 09:12:23 -0500
From: Joe Btfsplk <joebtfsplk@gmx.com>
User-Agent: Mozilla/5.0 (Windows NT 6.0; WOW64;
 rv:24.0) Gecko/20100101 Thunderbird/24.6.0
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
References: <53D3F004.6070209@yandex.ru> <53D412F9.4030107@googlemail.com>
 <53D6B3F0.8030706@yandex.ru> <53D6E666.9070108@gmx.com>
 <CACf9JSVq5GT+GEysOs0oGBBUy52Nq3XpWsL4j4FD0EAk9RDuPw@mail.gmail.com>
 <53D7E802.8020700@gmx.com>
 <CACf9JSXgFag6Ky3F+TmTqqsx2ScpJTggnU-FDz9yd4zAX=qM1Q@mail.gmail.com>
In-Reply-To: <CACf9JSXgFag6Ky3F+TmTqqsx2ScpJTggnU-FDz9yd4zAX=qM1Q@mail.gmail.com>
X-Provags-ID: V03:K0:EHDPx+qkyqtjxtqkXGFNAKpkdJC7D67MiwRhHxhe+Dg9BZejcEy
 TS4R3QF3prE4Zk/S1k9QP9t99GGU3AA0l9+9u9JgJHhSjOFKCegrZ0z4PxGtYKn1qSDv3ib
 i+NKLkK0IXVbnyoj6+o0JsgdwVvt6WNA1SYFT1IG8CshMSDNBUowUTCRsIo0vsMzHdmY8Uv
 7G0fiInhUM4Ff8AN4ANdw==
X-Content-Filtered-By: Mailman/MimeDel 2.1.15
Subject: Re: [tor-talk] Spoofing a browser profile to prevent fingerprinting
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On 7/29/2014 4:35 PM, Ben Bailess wrote:
> But here are some numbers that I just collected that
> perhaps could be of use to you. This test was done with the latest TBB
> (3.6.3) and Firefox versions on Linux (Fedora), with both JS on and off:
>
> FF (private browsing) / JS disabled = 16 bits (not "unique" - one in 65,487)
> FF (private browsing) / JS enabled = 22 bits ("unique" out of >4M samples)
> FF (normal browsing) / JS disabled = 15.98 bits (not "unique" - one in
> 64,524)
> FF (normal browsing) / JS enabled = 21.07 bits (not "unique" but one in
> 2,193,824 [roughly 2 matching entries in the sample]... so the other data
> point may well have been me...)
> TBB / JS enabled = 12.06 bits (not "unique" - one in 4,260)
> TBB / JS disabled = 9.05 bits (not "unique" - one in 529 are same)
>
Thanks to all for your input.
OK, I slept & revisited Panopticlick fingerprinting results 
https://panopticlick.eff.org.  Silly me - I was looking at the values 
listed for each parameter, then assessing the total entropy for all 
parameters shown.
Yes, if I look at the value they report *in a sentence* above the 
results table, that total is far < than the sum of "bits of identifying 
information" for all browser characteristics measured, as shown in their 
results table.

For those that haven't looked at the site (or anything similar), the 
total entropy that Panopticlick arrives at is far < than the sum of 
individual values.
("The total is less than the sum of its parts" ??)
Like when it says,
"_Currently, we estimate that your browser has a fingerprint that 
conveys *13.72 bits* of identifying information_*,*" but the sum of all 
parameters in that same test is *far* > than 13.72 bits.

Maybe someone more familiar w/ their algorithm to arrive at the grand 
total "*bits of identifying information," *(that they state in a 
sentence, above the results table) can explain why their stated total 
entropy for the browser tested is *so much lower* than the total of all 
parameters shown in the table of test results.

I read their paper, https://panopticlick.eff.org/browser-uniqueness.pdf, 
but missed any explanation of why that is so.
I have an idea why that may be true, but no (generic) mathematical 
explanation.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

