Opened 4 years ago

Closed 3 years ago

#13585 closed task (invalid)

Investigate recommending or including "Policeman" (Firefox Addon)

Reported by: bastik Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Investigate the Firefox addon Policeman. It's code lives here.

I know about fingerprinting issues and this addon would be your worst nightmares because it allows to distinguish between pictures, media, scripts, styles, frames, but that is not why I'm suggesting to review this addon to see if it can be recommended safely or included into the Tor Browser for the following purpose.

It has two ruleset which are currently disabled by default. The rulesets isolate i2p and .onion requests. An .onion does not load resources from example.org and example.org does not load resources from any .onion

I think it is useful to disable loading resources from any non .onion source, by default, because beside the .onion owner some third-party could track Tor users, without uncovering them.

So basically check if you can recommend or include it to allow every request from anywhere to anywhere (therefore no fingerprinting) and configure the addon to guard .onion and maybe i2p.

Child Tickets

Change History (1)

comment:1 Changed 3 years ago by bastik

Resolution: invalid
Severity: Normal
Status: newclosed

outdated

Note: See TracTickets for help on using tickets.