Delivery-Date: Mon, 05 Oct 2015 05:14:27 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.3 required=5.0 tests=BAYES_00,DKIM_ADSP_ALL,
	DKIM_SIGNED,RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD autolearn=ham
	version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 528581E01B4;
	Mon,  5 Oct 2015 05:14:25 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 3AB0C37CD8;
	Mon,  5 Oct 2015 09:14:20 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 7941437C9E
 for <tor-talk@lists.torproject.org>; Mon,  5 Oct 2015 09:14:15 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id zsyE6t9Xk7NY for <tor-talk@lists.torproject.org>;
 Mon,  5 Oct 2015 09:14:15 +0000 (UTC)
Received: from smtp9.openmailbox.org (smtp9.openmailbox.org [62.4.1.43])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id 4E12A37BE9
 for <tor-talk@lists.torproject.org>; Mon,  5 Oct 2015 09:14:15 +0000 (UTC)
Received: by mail2.openmailbox.org (Postfix, from userid 1004)
 id 177F12AC1054; Mon,  5 Oct 2015 11:14:12 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=openmailbox.org;
 s=openmailbox; t=1444036452;
 bh=LT0fdPaFhp/UzOpbRZGMYsqtieVywAMhq/LOrAd/xOU=;
 h=Date:From:To:Subject:In-Reply-To:References:From;
 b=G8ggybgkBTxzld2PMjepxYmu0+QLfAC1IddYKld/gqNMMr+IjrfkVSWnKK4PeHwgL
 0onIWn27j7SDniLq2n2ALT8PbzUVD6VdemuCH6xuehcoy61IVrVX8ZuNqDB/B5Z+gi
 4klPL7v81WIArlUxpSKjQm+AodW220i+3udCxjfo=
Received: from www.openmailbox.org (openmailbox-b1 [10.91.69.218])
 by mail2.openmailbox.org (Postfix) with ESMTP id DB94F2AC0CD3
 for <tor-talk@lists.torproject.org>; Mon,  5 Oct 2015 11:14:11 +0200 (CEST)
Authentication-Results: mail2.openmailbox.org; dkim=none
 reason="no signature"; dkim-adsp=fail (unprotected policy);
 dkim-atps=neutral
MIME-Version: 1.0
Date: Mon, 05 Oct 2015 02:14:11 -0700
From: Spencer <spencerone@openmailbox.org>
To: tor-talk@lists.torproject.org
In-Reply-To: <53c83ea7f52c48a56e9ce37bd69f7745@openmailbox.org>
References: <CAKcCSXohYs-2CiRiaMpObDkvvRRhOg23YDnOZA+wr6+=+1kqRw@mail.gmail.com>
 <CABMkiz6_nnMpghj-Q4yxKZHKhAdEschZAMybGC_JHjxVR_aJWw@mail.gmail.com>
 <CAKcCSXrv9iDswGGwmBdRvv6Z06zURAVS3V6Yox-wT_RJFscH=g@mail.gmail.com>
 <CABMkiz4prBsatyCz=WZx-6jucUiq3n2_Ox5upDOeH4KCxs1MMw@mail.gmail.com>
 <53c83ea7f52c48a56e9ce37bd69f7745@openmailbox.org>
Message-ID: <e5bee6d7d1afeb8d82c0922c39b1053e@openmailbox.org>
X-Sender: spencerone@openmailbox.org
User-Agent: Roundcube Webmail/1.0.6
Subject: [tor-talk] Making TBB undetectable!
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Hi,

> 
> Ben Tasker:
> The problem you have there, is what to randomize,
> 

The various bits that define your fingerprint.

> 
> but natural's hard to fake
> 

No need to spoof traffic if using real fingerprint variables.

> 
> When we're talking about making the browser unidentifiable as TBB, the 
> very
> act of having something in the fingerprint that changes to prevent
> correlation between sessions provides an avenue by which it can be
> identified as TBB:
> 

I feel like behavior will address the examples for this argument.

>> 
>> Spencer:
>> Making people blend into the crowd of regular internet users is best 
>> but
>> only if we resolve the traffic source; i.e., Tor exits.
>> 
> 
> That's quite an issue to solve though. [Attackers can] map out Tor 
> exits...
> 

True, but we can come up with other ideas than using the public Tor 
exits.

> 
> the aim isn't to hide that you're using Tor
> from your destination, and successfully doing so would (IMO) be a 
> pretty
> non-trivial task
> 

But it is, and I agree :)

> 
> Those are a list of the requests we know are differentiators, it 
> doesn't
> mean that others won't be discovered, you'd need to gamble that 
> anything
> found is publicly disclosed when it's found, rather than kept quiet by 
> an
> adversary.
> 

But this is the case for everybody everywhere.

> 
> What you're essentially asking for is a browser that behaves
> like TBB (i.e. the various privacy protections) whilst pretending it
> behaves like a Google Nexus (for example). It's not that it'd be 
> impossible
> to do, but one tiny mistake or oversight takes you straight back to 
> being
> finger-printable, and almost uniquely so if very few are using
> Unidentifiable Mode.
> 

With the fingerprint, isn't it only valuable over multiple sessions, and 
if others aren't also using that same ID?

> 
> So, you can fairly easily poll for various add-ons. Not sure it'd 
> affect
> your add-on, but seemed worth mentioning.
> 

I don't see this being an add-on as much as being in the settings 
options (which can probably be detected?) where the User Agent is 
located.  The User Agent would be a nice way to simplify the various 
IDs.

The IDs can be open-source and added to other browsers as a standard way 
of providing detectability.

Wordlife,
Spencer

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

