Date: Tue, 29 Sep 2015 15:44:44 +0000
From: pacifica@riseup.net
To: tor-talk@lists.torproject.org
Subject: Re: [tor-talk] New methods / research to detect add-ons?

Thanks aka -- I'm familiar with the conventional wisdom that add-ons 
make you more unique... but I am really looking for any formal study or 
code PoC that perhaps identifies more direct methods of detecting 
add-ons. Perhaps it's different for every add-on, and it probably is, 
especially considering some add-ons may not be reviewed for 
security/privacy at all. So some library would probably need to be 
compiled and maintained to try to exhaustively detect all known add-ons, 
similar to fingerprint.js.

The current logic (AFAIK) would be: if websiteA.com hasn't developed a 
detection technique for Add-On-X, then it can't detect it. I suspect 
add-ons could be detected more directly, but I have not seen any study 
or code to support that yet.

To be clear, I'm not arguing that TBB's design logic is flawed here at 
all -- I know it's not, and I can think of a _lot_ of reasons why, a 
couple of which you listed. Anything that distinguishes you from "the 
herd" is "bad" to the extent it doesn't catastrophically compromise your 
security.

But I'm still looking for something a bit more formal in terms of 
discussing a quantitative, or pseudo-quantitative impact on anonymity / 
privacy by add-on detection either in code PoC or academic research...

Thank you for your reply. I completely agree with TP's position on 
add-ons and often advocate for the same. Just playing devil's 
advocate... :)

Thanks,

pacifica


On 2015-09-29 15:14, aka wrote:
> Every add-on installed/not installed gives you one more bit of 
> detection.
> For example to detect HTTPS-Everywhere you start an http connection via
> javascript and check if it gets automatically upgraded to https. To
> detect Adblock you check via javascript if a certain ad got loaded. To
> detect Scriptblock you check if javascript got executed at all. The three
> examples above give you 3 more bits, so your detection got 8 times more
> targeted.
> If the NSA now records you visiting an internet forum via TBB and
> leaking something and detect another visitor with the same 3 bits set
> looking for a train schedule, they can verify with a high confidence
> you posted that message and live in that area.
> That's why it's important that every TBB installation has the same
> Http-Header values and same add-ons.
> You don't need any studies, it's simple common knowledge.
> 
> pacifica@riseup.net wrote:
>> Hello afternoon / evening / morning tor-talk -- I am hoping that
>> someone can point me in the right direction. I know it is well-discussed
>> that adding Firefox add-ons to the Tor Browser Bundle decreases anonymity,
>> but I would like to review the studies myself. I'm having trouble
>> finding credible research where detection of add-ons has resulted in
>> a significant decrease in anonymity... can someone please point me to
>> those resources?
>> 
>> To be explicit, I am not concerned with "plug-ins" like Java or Flash,
>> but rather "add-ons" like HTTPS everywhere or Privacy Badger.
>> 
>> Thanks in advance.
>> 
>> pacifica
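
Added example, not part of either post: a pseudo-quantitative model of the "one bit per add-on" arithmetic discussed in this thread, useful for estimating how much a non-default add-on set shrinks a user's anonymity set. The install rates, the population size and the independence between add-ons are constructed assumptions, not measurements.

```python
import math

# Constructed install rates in a hypothetical visitor population (assumptions).
SKEWED = {"https_everywhere": 0.50, "ad_blocker": 0.25, "script_blocker": 0.125}
# The case the quoted reply implicitly assumes: every add-on on half of all browsers.
UNIFORM = {name: 0.5 for name in SKEWED}


def surprisal_bits(profile, rates):
    """Bits revealed by one observed profile {addon: installed?}.

    Assumes add-ons are installed independently of each other.
    """
    bits = 0.0
    for addon, installed in profile.items():
        p = rates[addon] if installed else 1.0 - rates[addon]
        bits += -math.log2(p)
    return bits


def expected_bits(rates):
    """Shannon entropy of the add-on vector: average bits leaked per visitor."""
    total = 0.0
    for p in rates.values():
        for q in (p, 1.0 - p):
            if q > 0:
                total += -q * math.log2(q)
    return total


def anonymity_set(population, profile, rates):
    """Expected number of visitors who share the observed profile."""
    return population * 2 ** -surprisal_bits(profile, rates)


ALL_ON = {name: True for name in SKEWED}
ALL_OFF = {name: False for name in SKEWED}

if __name__ == "__main__":
    for label, rates in (("uniform", UNIFORM), ("skewed", SKEWED)):
        print(label, "average bits:", round(expected_bits(rates), 3))
        for name, profile in (("all on", ALL_ON), ("all off", ALL_OFF)):
            print("  ", name, round(surprisal_bits(profile, rates), 3), "bits,",
                  round(anonymity_set(6400, profile, rates), 1), "of 6400 visitors")
```

With uniform rates every profile costs exactly 3 bits (the 8x figure in the quoted reply); with skewed rates the average is lower, but a rare combination costs more than one bit per add-on, which is the argument for keeping every Tor Browser installation on the same add-on set.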

