Opened 5 years ago

Closed 4 years ago

#13952 closed defect (not a bug)

TOR browser reports wrong resolution

Reported by: yids Owned by: tbb-team
Priority: Very High Milestone:
Component: Applications/Tor Browser Version: Tor: unspecified
Severity: Normal Keywords: resolution
Cc: brade, mcs Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

When checking on panopticlick.eff.org, I found out that my tor browser reports the resolution of the window size, not my actual resolution. Even reporting my actual resolution is unwanted for fingerprinting browsers I guess.
I am running debian jessie with the DWM window manger and xorg xserver.

Child Tickets

Change History (5)

comment:1 Changed 5 years ago by Marnes

This is indeed bad for the user in terms of fingerprinting.

The following is the fingerprint of vanilla tor browser, freshly installed and unmodified: http://puu.sh/dN8co/58ddab89bb.png (1 in 2.5 million)

This is the fingerprint of my regular Firefox with a bunch of add-ons and no particular privacy features: http://puu.sh/dN8bC/7c22d700bc.png (1 in 800 thousand)

The unusual resolution is unique to people with my screen resolution + tor browser < people with my screen resolution. It causes the fingerprint to be 4 times worse.

The only specific measures I took in Firefox is settings plugins.enumerable_names to an empty string to prevent Java from sending a boatload of compatibility info, and using click-to-play for everything.

comment:2 in reply to:  1 ; Changed 5 years ago by mcs

Cc: brade mcs added

Replying to Marnes:

This is indeed bad for the user in terms of fingerprinting.

The following is the fingerprint of vanilla tor browser, freshly installed and unmodified: http://puu.sh/dN8co/58ddab89bb.png (1 in 2.5 million)

Did you resize your browser window?
Also see ticket:14098#comment:5

comment:3 in reply to:  2 ; Changed 5 years ago by Marnes

Replying to mcs:

Replying to Marnes:

This is indeed bad for the user in terms of fingerprinting.

The following is the fingerprint of vanilla tor browser, freshly installed and unmodified: http://puu.sh/dN8co/58ddab89bb.png (1 in 2.5 million)

Did you resize your browser window?
Also see ticket:14098#comment:5

Nope, it's maximized and the same size.

comment:4 in reply to:  3 Changed 5 years ago by gk

Replying to Marnes:

Replying to mcs:

Replying to Marnes:

This is indeed bad for the user in terms of fingerprinting.

The following is the fingerprint of vanilla tor browser, freshly installed and unmodified: http://puu.sh/dN8co/58ddab89bb.png (1 in 2.5 million)

Did you resize your browser window?
Also see ticket:14098#comment:5

Nope, it's maximized and the same size.

You maximize your window by resizing it and if you do that the respective protections Tor Browser is currently offering are gone. What is shown to you as the screen size if you do the test with a clean new Tor Browser without touching the size of your browser windows manually?

comment:5 Changed 4 years ago by bugzilla

Resolution: not a bug
Severity: Normal
Status: newclosed

TS (yids) wondered why TBB reported resolution of window instead of desktop. Answer: TBB spoofs all resolution requests to reduce fingerprinting.

Note: See TracTickets for help on using tickets.