Opened 5 years ago

Last modified 3 years ago

#16132 new defect

Session restore allows fingerprinting of users by choice of open tabs

Reported by: vynX
Owned by: tbb-team
Priority: Medium
Milestone:
Component: Applications/Tor Browser
Version:
Severity: Normal
Keywords:
Cc:
Actual Points:
Parent ID: #16133
Points:
Reviewer:
Sponsor:


This is a Firefox privacy problem that so far has not been considered of interest for Tor Browser since only "Private Browsing" is considered safe.

Many day-to-day users like to enjoy Tor Browser for its anonymization, reduced tracking and improved JavaScript security, but they are not paranoid about the security of their own computer; thus they don't enable Private Browsing all the time and prefer to enjoy the convenience of a browser that helps you do your everyday work (history completion, leaving tabs open for later, etc.).

Thus they will find themselves experiencing a browser or computer crash and be thankful to recover all the tabs when reopening the browser. The privacy bugfix that would be useful at this point is to modify Firefox's session resume in such a way that not only the tabs are loaded when accessed (which is already the default) but to also not access all the sites in the tabs just to have a neat favicon to display (considering also that the disk cache should have them already).

All there is to do is to disallow those outgoing HTTP requests during session restore.

Possibly related to #15781 or #10400.

This comes in a series of bug/enhancement requests relating to the purpose of making Tor Browser also support the bulk surveillance threat model, not just the targeted surveillance threat model (which includes distrusting the local computer and hard disk). In order to address bulk surveillance, Tor Browser needs to become an acceptable choice for mainstream users and work on its market share. This is reasonable because none of the existing mainstream browsers fill that role; they all support the surveillance apparatus.

Change History (2)

comment:1 Changed 5 years ago by vynX

Parent ID: #16133

comment:2 Changed 3 years ago by teor

Severity: Normal

Set all open tickets without a severity to "Normal"