Ticket #18328: 0001-Adding-back-the-Panopticlick-project.patch

File 0001-Adding-back-the-Panopticlick-project.patch, 3.4 KB (added by gk, 4 years ago)
  • getinvolved/en/volunteer.wml

    From 706b9373f311aa0c4b126a10e642d63e4abf0035 Mon Sep 17 00:00:00 2001
    From: Georg Koppen <gk@torproject.org>
    Date: Tue, 16 Feb 2016 11:18:20 +0000
    Subject: [PATCH] Adding back the Panopticlick project
    diff --git a/getinvolved/en/volunteer.wml b/getinvolved/en/volunteer.wml
    index e260318..c1d1b95 100644
    a b meetings around the world.</li> 
    437437    privacy and security issues in mainline version.
    438438    </p>
     440    <p>
     441    <b>Project Ideas:</b><br />
     442    <i><a href="#panopticlick">Panopticlick</a></i><br />
     443    </p>
    440445    <a id="project-httpseverywhere"></a>
    441446    <h3><a href="https://www.eff.org/https-everywhere">HTTPS Everywhere</a> (<a
    442447    href="https://gitweb.torproject.org/https-everywhere.git">code</a>, <a
    the codebase that you want to work on. 
    13881393    </p>
    13891394    </li>
     1396    <a id="panopticlick"></a>
     1397    <li>
     1398    <b>Panopticlick</b>
     1399    <br>
     1400    Effort Level: <i>Medium</i>
     1401    <br>
     1402    Skill Level: <i>Medium</i>
     1403    <br>
     1404    Likely Mentors: <i>Georg (GeKo)</i>
     1405    <p>
     1407The <a href="https://panopticlick.eff.org">Panopticlick project by the EFF</a>
     1408revolutionized how people think about <a
     1410fingerprinting</a>, both by developing tests and metrics to measure browser
     1411fingerprintability, and by crowdsourcing the evaluation and contribution of
     1412individual browser features to overall fingerprintability.
     1414    </p>
     1415    <p>
     1417Unfortunately, the way Panopticlick is designed <a
     1419it difficult</a> to evaluate defenses to browser fingerprinting, especially
     1420for browsers with a relatively small userbase such as Tor Browser. This is
     1421because any approach we take to reduce fingerprinting automatically makes our
     1422users more distinct from the previous users who submitted their fingerprint
     1423data to the EFF. Indeed, it is also impossible to ever expect that users of
     1424one browser will ever be able to blend in with users of another browser
     1425(Chrome users will always be distinguishable from Firefox users for example,
     1426based on feature set alone).
     1428   </p>
     1429   <p>
     1431To address this, we would like to have <a
     1432href="https://trac.torproject.org/projects/tor/ticket/6119">our own
     1433fingerprint test suite</a> to evaluate the fingerprintability of each browser
     1434feature for users running a specific Tor Browser version. There are also <a
     1436fingerprinting tests</a> we can add beyond those deployed by Panopticlick.
     1437   </p>
     1438   <p>
     1440For this project, the student would develop a website that users can
     1441voluntarily visit to test and record their Tor Browser fingerprint.  The user
     1442should get feedback on how she performed and the test results should be
     1443available in a machine readable format (e.g. JSON), broken down by Tor Browser
     1444version.  In a second step one could think about adding more sophisticated
     1445tests or supporting other browser vendors that might want to test the
     1446uniformity amongst their userbase as well. Of course, results from each
     1447browser would also need to be broken down by both browser implementation and
     1448version, so that results would only reflect the population of that specific
     1451    </p>
     1452    </li>
    13911454    <a id="ahmiaSearch"></a>
    13921455    <li>
    13931456    <b>Ahmia - Hidden Service Search</b>