Delivery-Date: Thu, 30 Jul 2015 19:37:42 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD,UNPARSEABLE_RELAY
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 515271E0B07;
	Thu, 30 Jul 2015 19:37:40 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 2814334F44;
	Thu, 30 Jul 2015 23:37:34 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 33DB935033
 for <tor-talk@lists.torproject.org>; Thu, 30 Jul 2015 23:37:31 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id Atq3PDxn74VL for <tor-talk@lists.torproject.org>;
 Thu, 30 Jul 2015 23:37:31 +0000 (UTC)
Received: from mx1.riseup.net (mx1.riseup.net [198.252.153.129])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "*.riseup.net",
 Issuer "COMODO RSA Domain Validation Secure Server CA" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 0CCA0210EE
 for <tor-talk@lists.torproject.org>; Thu, 30 Jul 2015 23:37:28 +0000 (UTC)
Received: from cotinga.riseup.net (unknown [10.0.1.161])
 (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
 (Client CN "*.riseup.net",
 Issuer "COMODO RSA Domain Validation Secure Server CA" (verified OK))
 by mx1.riseup.net (Postfix) with ESMTPS id 5E8154205E
 for <tor-talk@lists.torproject.org>; Thu, 30 Jul 2015 23:37:25 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak;
 t=1438299445; bh=I3u4rVcBHK72dWKyIihL4w8iCIA/0BphsJSbrQeCZIs=;
 h=Date:From:To:Subject:From;
 b=oi9snhaV0wbI3x4uG2k4vnGFxKmzow0iF3FQudVeQUfsSGw2RSIvUljvy0MOsvd03
 IhL41348YkzRWDcQV7mZ+wQmKkUzqvoVXIwkozJvX6nxJz8dme4TKpCGw13cbe1E4e
 j9IuwhBg9EBUKgtyo6vYhHvwZmAztksRhjBgCBms=
Received: from [127.0.0.1] (localhost [127.0.0.1])
 (Authenticated sender: flapflap) with ESMTPSA id 3BB8A1C060A
Message-ID: <55BAB4EF.2090905@riseup.net>
Date: Thu, 30 Jul 2015 23:36:15 +0000
From: flapflap <flapflap@riseup.net>
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
X-Virus-Scanned: clamav-milter 0.98.7 at mx1
X-Virus-Status: Clean
Subject: [tor-talk] Profiling Tor users via keystrokes
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============4566614891800477629=="
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============4566614891800477629==
Content-Type: multipart/signed; micalg=pgp-sha512;
 protocol="application/pgp-signature";
 boundary="lXNKBV65FIFwEExGVo9VMxNR4o0ABxECP"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--lXNKBV65FIFwEExGVo9VMxNR4o0ABxECP
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Hi!

(I didn't find this topic discussed here yet and I think it might be
interesting)

the article

http://arstechnica.com/security/2015/07/how-the-way-you-type-can-shatter-=
anonymity-even-on-tor/
says that apparently it's possible to deanonymise Tor users by analysing
their keystrokes in input fields of websites.

Is it valid to assume that such a technique is possible to be deployed
by, for example, cloudflare? (needs JavaScript, has an input field)
(or is it required for learning to always enter the same text by the
same user?)

Is there need for modifications in the Tor Browser Bundle/upstream Firefo=
x?

Cheers,
~flapflap


--lXNKBV65FIFwEExGVo9VMxNR4o0ABxECP
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJVurTvAAoJEO/RDUCS7eFWGOQQAMWDmQjO9ZJ+Bdq8QZauKvWW
d+CKy9Lf8f1f/TlfGjaiX+d0ylO6TVhZtyuSTDp1I+jw+E7Md/6lN0Pj0VPGqRdt
CgW65P+kmSzwQ5Hc1BkPHstTElgmKfxTpLBQegTaKBCV0PEPvb25DdJ5y8A6K4Ux
W76ys5KMLhsfcRe4tiqYiA8yUMGF24Q/jImO/01EznJWgofjK2VLFFSZOBGWc4YY
Kx+tOHWenZP6uyBgs5LaE8yx+/0y1CoS/DssB9QJH3sZ7TWkOaD94AqTYJ5XrkQ6
WKJKhA4j/o2zx5PhYkF2lA0bb9EDtn6NsTCb1Bf6pZPPRyiMVTDebzZU6wCdueMj
/D8g43hGV7UbTTanbcn/3P3brLhgexbrETSbDLmgEHdSgj5/zkjWrl8AM932vWgZ
Y+nyLgy2LP/7wnPpCsCgSEC5bIWxKv/w27cUNndnmPER080fRNZEAueNpY90Hd0S
RQBOscGvmulITYd62RHX0hLKR4X/ZEYMdYd86QrlADEfx3l4275ADwPvVUM74gRX
mbfaZ1sDe7LB0q9kCQa/zsV5ge5/psZYthu9qYcwSkO0qKHP/qOi3Glti46QPM4Y
XnJb7w/B6mILW7M6QoqBjcdAFtZ5YkYjYgq54XyMIKEAMUzSxxpoTKrtI8VZWyaT
THuBnjNzgYKKdWy4P4Bk
=G4Np
-----END PGP SIGNATURE-----

--lXNKBV65FIFwEExGVo9VMxNR4o0ABxECP--

--===============4566614891800477629==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

--===============4566614891800477629==--

