Delivery-Date: Sat, 26 Sep 2015 11:47:03 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 541461E0ABE;
	Sat, 26 Sep 2015 11:47:02 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 788A637676;
	Sat, 26 Sep 2015 15:46:55 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 0D6C73765B
 for <tor-talk@lists.torproject.org>; Sat, 26 Sep 2015 15:46:52 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 4IL0E8OSv4Pm for <tor-talk@lists.torproject.org>;
 Sat, 26 Sep 2015 15:46:51 +0000 (UTC)
Received: from mail-wi0-x232.google.com (mail-wi0-x232.google.com
 [IPv6:2a00:1450:400c:c05::232])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id BEE6937656
 for <tor-talk@lists.torproject.org>; Sat, 26 Sep 2015 15:46:51 +0000 (UTC)
Received: by wicfx3 with SMTP id fx3so52199798wic.0
 for <tor-talk@lists.torproject.org>; Sat, 26 Sep 2015 08:46:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=googlemail.com; s=20120113;
 h=from:subject:to:references:message-id:date:user-agent:mime-version
 :in-reply-to:content-type:content-transfer-encoding;
 bh=fuIieXrIAtqUni6MO/UVZJKM09VfjcoCwR/WEx+IFjc=;
 b=Bd7n8Lh6X+h/7iEzJdIR6e4km+pBImfv1vIsxk7jUe5Mf5Mq4IlkqltONI14b5bC76
 lbiHopiOt1B3qgnvNREVD7g+lt9XO79qZIZGlTBIhCwkvzwxE1IkmMRAK037zgqiyvuR
 y//MOm2b7z6rPDZ9Zl2WHmw0yg2wvxbNwWRBupJuHcUZHWuj9PLXTQfDNSDgYmjcpKn7
 u3gK2u/CGkK3wdVsfdqFToH5rcTAsWvBQ6qc1IBqlUi7YOQZRRvWrGLxdqFYF2OZWA4w
 8D1d3JdQhyzUKK/ZCgqGLTJU6EdLVgYQagvvREebqGHqjzp+knIGuHlAuKxoVSAKmUGa
 BD3w==
X-Received: by 10.180.82.7 with SMTP id e7mr9358135wiy.19.1443282408582;
 Sat, 26 Sep 2015 08:46:48 -0700 (PDT)
Received: from [172.16.41.91] (195-154-136-42.rev.poneytelecom.eu.
 [195.154.136.42])
 by smtp.googlemail.com with ESMTPSA id gh9sm8903371wjb.27.2015.09.26.08.46.47
 for <tor-talk@lists.torproject.org>
 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Sat, 26 Sep 2015 08:46:47 -0700 (PDT)
From: aka <akademiker1@googlemail.com>
X-Google-Original-From: aka <akademiker1@gmail.com>
To: tor-talk@lists.torproject.org
References: <CAKcCSXpdFGPLe_4vOtQuTg-MU=+Jjg2gFm3HiOeDDjFPq6Q+zA@mail.gmail.com>
X-Enigmail-Draft-Status: N1110
Message-ID: <5606BD85.2050601@gmail.com>
Date: Sat, 26 Sep 2015 17:45:09 +0200
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101
 Thunderbird/38.2.0
MIME-Version: 1.0
In-Reply-To: <CAKcCSXpdFGPLe_4vOtQuTg-MU=+Jjg2gFm3HiOeDDjFPq6Q+zA@mail.gmail.com>
Subject: Re: [tor-talk] Making TBB undetectable!
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Can't TBB devs just patch in a hardcoded 1366x768 window and screen size
in the javascript handler?

Also, if you want true undetectability you need to install a Tor
instance and your OS for TBB in seperate VMs and setup the Tor VM to be
a transparent router for your OS, so even if java/flash/exploit is
executed, it doesn't leak your real IP, since even your OS in the VM is
forced through Tor.
The FBI used an old firefox exploit to execute native code and did plain
IP requests to uncover users. In that configuration they would need an
additional VM escape exploit, which raises the cost exponentially.

behnaz Shirazi wrote:
> In many different cases TBB users have to be undetectable (bypassing
> flags, escaping from deep investigations, confusing malicious iframes
> etc etc) when traffic flows through custom Tor exite nodes or even
> when traffic flows directly just for the privacy TBB offers at client
> side compared to plain Firefox.
> 
> 
> TBB have a distinguishable User-Agent and screen size that can be
> easily changed to something more common but it also have other
> fingerprints that are hard to change, such as timezone=0 or
> navigator.plugins=none or some dialogs [1] [2]. And TBB have even more
> fingerprints that we are not aware of yet
> 
> 
> Can someone please teach Tor users how to modify the source code and
> compile a custom build or create browser Add-ons that subvert these
> detection methods? There must be an option for those who urgently
> (...) need undetectability and it doesn't require much effort to make
> that happen.
> 
> 
> [1]: https://www.browserleaks.com/canvas
> [2]: https://www.browserleaks.com/firefox
> 
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

