Delivery-Date: Thu, 30 Jul 2015 21:37:26 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 812131E06C9;
	Thu, 30 Jul 2015 21:37:24 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 4757F35395;
	Fri, 31 Jul 2015 01:37:17 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 577A034DE0
 for <tor-talk@lists.torproject.org>; Fri, 31 Jul 2015 01:37:13 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 0KWUpSAMCU_o for <tor-talk@lists.torproject.org>;
 Fri, 31 Jul 2015 01:37:13 +0000 (UTC)
Received: from mail-ig0-x232.google.com (mail-ig0-x232.google.com
 [IPv6:2607:f8b0:4001:c05::232])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 34AFA34DDB
 for <tor-talk@lists.torproject.org>; Fri, 31 Jul 2015 01:37:13 +0000 (UTC)
Received: by iggf3 with SMTP id f3so7726071igg.1
 for <tor-talk@lists.torproject.org>; Thu, 30 Jul 2015 18:37:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:in-reply-to:references:date:message-id:subject:from:to
 :content-type; bh=wVHF2qFolefSW6L6x2JdiImSPowRFqVQwE4dlAs5M+0=;
 b=Py/L9iYQ1NWc2m5w8Sssib7tvZm1lFh+7FkzVE0dchpFAFRh1NgnZHhnH/jOOyj4Yg
 nmN1GJuZEHubiNwgX22oF9V99hgeXLnvNq8nPjmxK30vCh6wxoEPmv0TrFhYgv6rBd+r
 /U/rUvHFhsrlAE93jmvqdILr3PqppUWfMpTTRR7tqVIFarOuQfz6ATjEdsaTEPE/KjO8
 xiXWiWAOkG4y8qQgef+lKi8R2163COx5GlN64qpL07gMzeWFS7seDrB3joozfRvj2F9D
 dWHaTdYscytM8AGfvAGGSL4OEP2HTL0kK6Isc6Q6MBryFq6O0+uEXqG5YDulUAG8fIy3
 8v9Q==
MIME-Version: 1.0
X-Received: by 10.50.128.169 with SMTP id np9mr1329875igb.37.1438306630977;
 Thu, 30 Jul 2015 18:37:10 -0700 (PDT)
Received: by 10.36.44.69 with HTTP; Thu, 30 Jul 2015 18:37:10 -0700 (PDT)
In-Reply-To: <55BAB4EF.2090905@riseup.net>
References: <55BAB4EF.2090905@riseup.net>
Date: Thu, 30 Jul 2015 21:37:10 -0400
Message-ID: <CAD2Ti2-126wRJtDNPm==JtSi2+-zBFc7etejXCT6Hcc_TxTp7w@mail.gmail.com>
From: grarpamp <grarpamp@gmail.com>
To: tor-talk@lists.torproject.org
Subject: Re: [tor-talk] Profiling Tor users via keystrokes
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On Thu, Jul 30, 2015 at 7:36 PM, flapflap <flapflap@riseup.net> wrote:
> http://arstechnica.com/security/2015/07/how-the-way-you-type-can-shatter-anonymity-even-on-tor/
> says that apparently it's possible to deanonymise Tor users by analysing
> their keystrokes in input fields of websites.

The came up years ago around SSH.

> Is it valid to assume that such a technique is possible to be deployed

Anything that reads your keystream by char or by chunk could do it.

> Is there need for modifications in the Tor Browser Bundle/upstream Firefox?

A keystroke reclocker / normalizer might be better integrated
as part of the keyboard driver in your OS. You'd only need to
code it once, and could tune it to suit you however you want.
Try checking with your OS.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

