Ticket #18328: 0001-Adding-back-the-Panopticlick-project.patch

File 0001-Adding-back-the-Panopticlick-project.patch, 3.4 KB (added by gk, 4 years ago)
  • getinvolved/en/volunteer.wml

    From 706b9373f311aa0c4b126a10e642d63e4abf0035 Mon Sep 17 00:00:00 2001
    From: Georg Koppen <gk@torproject.org>
    Date: Tue, 16 Feb 2016 11:18:20 +0000
    Subject: [PATCH] Adding back the Panopticlick project
    
    
    diff --git a/getinvolved/en/volunteer.wml b/getinvolved/en/volunteer.wml
    index e260318..c1d1b95 100644
    a b meetings around the world.</li> 
    437437    privacy and security issues in mainline version.
    438438    </p>
    439439
     440    <p>
     441    <b>Project Ideas:</b><br />
     442    <i><a href="#panopticlick">Panopticlick</a></i><br />
     443    </p>
     444
    440445    <a id="project-httpseverywhere"></a>
    441446    <h3><a href="https://www.eff.org/https-everywhere">HTTPS Everywhere</a> (<a
    442447    href="https://gitweb.torproject.org/https-everywhere.git">code</a>, <a
    the codebase that you want to work on. 
    13881393    </p>
    13891394    </li>
    13901395
     1396    <a id="panopticlick"></a>
     1397    <li>
     1398    <b>Panopticlick</b>
     1399    <br>
     1400    Effort Level: <i>Medium</i>
     1401    <br>
     1402    Skill Level: <i>Medium</i>
     1403    <br>
     1404    Likely Mentors: <i>Georg (GeKo)</i>
     1405    <p>
     1406
     1407The <a href="https://panopticlick.eff.org">Panopticlick project by the EFF</a>
     1408revolutionized how people think about <a
     1409href="https://panopticlick.eff.org/browser-uniqueness.pdf">browser
     1410fingerprinting</a>, both by developing tests and metrics to measure browser
     1411fingerprintability, and by crowdsourcing the evaluation and contribution of
     1412individual browser features to overall fingerprintability.
     1413
     1414    </p>
     1415    <p>
     1416
     1417Unfortunately, the way Panopticlick is designed <a
     1418href="https://blog.torproject.org/blog/effs-panopticlick-and-torbutton">makes
     1419it difficult</a> to evaluate defenses to browser fingerprinting, especially
     1420for browsers with a relatively small userbase such as Tor Browser. This is
     1421because any approach we take to reduce fingerprinting automatically makes our
     1422users more distinct from the previous users who submitted their fingerprint
     1423data to the EFF. Indeed, it is also impossible to ever expect that users of
     1424one browser will ever be able to blend in with users of another browser
     1425(Chrome users will always be distinguishable from Firefox users for example,
     1426based on feature set alone).
     1427
     1428   </p>
     1429   <p>
     1430
     1431To address this, we would like to have <a
     1432href="https://trac.torproject.org/projects/tor/ticket/6119">our own
     1433fingerprint test suite</a> to evaluate the fingerprintability of each browser
     1434feature for users running a specific Tor Browser version. There are also <a
     1435href="https://trac.torproject.org/projects/tor/query?keywords=~tbb-fingerprinting">additional
     1436fingerprinting tests</a> we can add beyond those deployed by Panopticlick.
     1437   </p>
     1438   <p>
     1439
     1440For this project, the student would develop a website that users can
     1441voluntarily visit to test and record their Tor Browser fingerprint.  The user
     1442should get feedback on how she performed and the test results should be
     1443available in a machine readable format (e.g. JSON), broken down by Tor Browser
     1444version.  In a second step one could think about adding more sophisticated
     1445tests or supporting other browser vendors that might want to test the
     1446uniformity amongst their userbase as well. Of course, results from each
     1447browser would also need to be broken down by both browser implementation and
     1448version, so that results would only reflect the population of that specific
     1449implementation.
     1450
     1451    </p>
     1452    </li>
     1453
    13911454    <a id="ahmiaSearch"></a>
    13921455    <li>
    13931456    <b>Ahmia - Hidden Service Search</b>