Delivery-Date: Thu, 30 Jul 2015 23:24:03 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 0B9421E06C9;
	Thu, 30 Jul 2015 23:24:02 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 50131353DF;
	Fri, 31 Jul 2015 03:23:53 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 49B0534BA5
 for <tor-talk@lists.torproject.org>; Fri, 31 Jul 2015 03:23:49 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id ilBm3R-bzh6N for <tor-talk@lists.torproject.org>;
 Fri, 31 Jul 2015 03:23:49 +0000 (UTC)
Received: from mx.sysfu.com (mx.sysfu.com [104.244.76.186])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mx.sysfu.com",
 Issuer "COMODO RSA Domain Validation Secure Server CA" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id DC10033F07
 for <tor-talk@lists.torproject.org>; Fri, 31 Jul 2015 03:23:48 +0000 (UTC)
X-Greylist: delayed 399 seconds by postgrey-1.34 at eugeni;
 Fri, 31 Jul 2015 03:23:48 UTC
Received: from mx.sysfu.com (localhost [127.0.0.1])
 by mx.sysfu.com (OpenSMTPD) with ESMTP id 704c43c4;
 Fri, 31 Jul 2015 05:17:05 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sysfu.com; h=content-type
 :to:subject:references:date:mime-version
 :content-transfer-encoding:from:message-id:in-reply-to; s=main;
 bh=e5pLMXsWY0pcZiIcWauvQ+5cPJI=; b=Ll2bk0MYya5UUQ2Yn2g95htPHCSy
 nytV38eZwcbsbJgFBFryQM+dc35iTVzO2UxR6PwNF1ihtrxnVzDwm8Tb5P8RIPTY
 LhDmpCAmGhPv1Ufn2y8Y3DH7Eo7e8HNZiNx1KQeZQ+R/Fep03y7ugo1Lg6Kpa17o
 X7EEbgEhPpIac54=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sysfu.com; h=content-type:to
 :subject:references:date:mime-version:content-transfer-encoding
 :from:message-id:in-reply-to; q=dns; s=main; b=aeq5D+3Oobr+/avY5
 aNz3zF6Zza6mUjOGFoX66+QX0C67Qf+bayP/OUB9I8pp3Kw2pC32VMa5/4A7/ZIh
 /kzqBXrV1CbfaoKmPDJVfZ9pnSvXqQv95vjNqJqsxp0L3CzlMdnGtMPbV8xUkvGB
 PCKPRGwgKeO2poZ7fr6slWA58c=
Received: by mx.sysfu.com (OpenSMTPD) with ESMTPSA id 5584d724
 TLS version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO;
 Fri, 31 Jul 2015 05:17:04 +0200 (CEST)
To: tor-talk@lists.torproject.org, flapflap <flapflap@riseup.net>
References: <55BAB4EF.2090905@riseup.net>
Date: Thu, 30 Jul 2015 20:15:04 -0700
MIME-Version: 1.0
From: Seth <list@sysfu.com>
Message-ID: <op.x2mbbeyhbgbjo9@work-pc.lan>
In-Reply-To: <55BAB4EF.2090905@riseup.net>
User-Agent: Opera Mail/1.0 (Win32)
Subject: Re: [tor-talk] Profiling Tor users via keystrokes
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"; DelSp="yes"
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On Thu, 30 Jul 2015 16:36:15 -0700, flapflap <flapflap@riseup.net> wrote:
> http://arstechnica.com/security/2015/07/how-the-way-you-type-can-shatter-anonymity-even-on-tor/
> says that apparently it's possible to deanonymise Tor users by analysing
> their keystrokes in input fields of websites.
>
> Is it valid to assume that such a technique is possible to be deployed
> by, for example, cloudflare? (needs JavaScript, has an input field)
> (or is it required for learning to always enter the same text by the
> same user?)
>
> Is there need for modifications in the Tor Browser Bundle/upstream  
> Firefox?

Back in the late 90's there was a company in the Seattle area called  
Biopassword [1] that sold a biometric typing cadence two factor  
authentication product for Windows systems. I demoed it and it was eerily  
effective.

Can only imagine where the technology is now.

[1] https://web.archive.org/web/20010201063600/http://www.biopassword.com/
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

