Opened 3 years ago

Last modified 19 months ago

#18379 new enhancement

Mouse Tracking Defenses in Tor Browser

Reported by: cypherpunks
Owned by: tbb-team
Priority: Very High
Milestone:
Component: Applications/Tor Browser
Version:
Severity: Major
Keywords:
Cc: tbb-team, nord-stream@…, fdsfgs@…
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:

Description

Besides keystroke fingerprinting (already defended against by Tor Browser), another widely deployed tracking technique is mouse tracking, which measures a user's mouse position and movement in real time with JS. Every user has a unique behavior pattern that allows correlation and deanonymization of users. This type of fingerprinting has been exploited by surveillance companies like Facebook and Microsoft for five years now. [2][3]

[1] https://en.wikipedia.org/wiki/Mouse_tracking
[2] https://nakedsecurity.sophos.com/2013/11/01/facebook-to-silent-track-users-cursor-movements-to-see-which-ads-we-like-best/
[3] http://www.slate.com/blogs/future_tense/2015/06/16/facebook_s_new_attention_tracking_feature_is_super_creepy.html

Child Tickets

Ticket   Type         Status    Owner  Summary
#18537   enhancement  assigned  nickm  Resist keyboard and mouse biometrics and tracking

Change History (7)

comment:1 Changed 3 years ago by cypherpunks

Maybe this is already mitigated because you alter JS timing accuracy.

comment:2 Changed 3 years ago by cypherpunks

No, because not just short-time timing, but also cursor location, speed, direction and long-time timing are involved.

Some of the related fingerprinting methods are not easy to defend against. e.g. User A tends to click here after opening a link, etc. With recent advances in machine learning (e.g. deep learning) this kind of information is more valuable.

With that said, however, we can limit cursor position data without causing a major break because most important event handlers listen on click, mouseover, etc. Of course it may for example cause a glitch in script-generated tooltips.

Possibly the easiest option is making mouse position data opt-in in higher security settings (slider), like canvas data extraction.
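As an added illustration of the two sides discussed in this comment (not code from the ticket or from Tor Browser), the block below shows what a tracking script derives from a stream of mousemove samples and what the coordinate and timing coarsening sketched here takes away from it. Samples are constructed plain `{x, y, t}` objects standing in for `MouseEvent.clientX`, `clientY` and `timeStamp`, so it runs without a DOM; the 50 px grid and 100 ms step are assumed values, not anything the browser ships.

```javascript
// Added example: tracker-side feature extraction vs. a browser-side
// coarsening defence. Samples are constructed, not captured from a user.

// Constructed trace: a deterministic pseudo-random cursor walk so the
// example runs offline. Different seeds play the role of different users.
function constructedTrace(seed, n = 40) {
  let s = seed >>> 0;
  const rnd = () => { s = (s * 1664525 + 1013904223) >>> 0; return s / 2 ** 32; };
  const trace = [];
  let x = 200, y = 150, t = 1000;
  for (let i = 0; i < n; i++) {
    x += (rnd() - 0.3) * 25;          // slight rightward drift, like reading a line
    y += (rnd() - 0.5) * 15;
    t += 8 + Math.floor(rnd() * 20);  // 8..27 ms between samples
    trace.push({ x, y, t });
  }
  return trace;
}

const mean = a => (a.length ? a.reduce((p, c) => p + c, 0) / a.length : 0);
const std = a => { const m = mean(a); return Math.sqrt(mean(a.map(v => (v - m) ** 2))); };

// Tracker side: per-segment speed and heading plus timing statistics, the
// kind of behavioural feature vector the comment above is concerned with.
function extractFeatures(trace) {
  const speeds = [], headings = [], gaps = [];
  for (let i = 1; i < trace.length; i++) {
    const dx = trace[i].x - trace[i - 1].x;
    const dy = trace[i].y - trace[i - 1].y;
    const dt = trace[i].t - trace[i - 1].t;
    gaps.push(dt);
    if (dt > 0) speeds.push(Math.hypot(dx, dy) / dt);          // px per ms
    if (dx !== 0 || dy !== 0) headings.push(Math.atan2(dy, dx)); // direction
  }
  return {
    meanSpeed: mean(speeds),
    stdSpeed: std(speeds),
    meanGap: mean(gaps),
    distinctHeadings: new Set(headings.map(h => h.toFixed(3))).size,
    distinctPositions: new Set(trace.map(p => `${p.x.toFixed(1)},${p.y.toFixed(1)}`)).size,
  };
}

// Browser side: the defence sketched above. Snap coordinates to a grid and
// timestamps to a coarse step before page script sees them. gridPx and
// stepMs are assumed values chosen for the example.
function coarsen(trace, gridPx = 50, stepMs = 100) {
  const snap = (v, q) => Math.floor(v / q) * q;
  return trace.map(p => ({ x: snap(p.x, gridPx), y: snap(p.y, gridPx), t: snap(p.t, stepMs) }));
}

// Side-by-side view of what survives coarsening for one constructed user.
function compare(seed) {
  const raw = constructedTrace(seed);
  return { raw: extractFeatures(raw), coarse: extractFeatures(coarsen(raw)) };
}

const result = compare(1);
console.log('raw    :', result.raw);
console.log('coarse :', result.coarse);
```

Running `compare` for a seed shows the raw trace yielding one distinct position and heading per sample, while the coarsened trace collapses to a handful of grid cells and grid-aligned directions with timestamps in 100 ms buckets; speed and direction estimates degrade accordingly, which is the signal loss a behavioural model would have to work with. Only the coordinates and timestamps handed to script are altered, so event delivery itself (which element a click or mouseover lands on) is not touched by this approach.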

comment:3 Changed 2 years ago by nord-stream

Cc: nord-stream@… added

comment:4 Changed 2 years ago by jessRD

You are right; I am more than sure it will cause a glitch in script-generated triggers.

Last edited 22 months ago by jessRD

comment:5 Changed 2 years ago by ufd33

Priority: Very High → Immediate

comment:6 Changed 22 months ago by cypherpunks

Priority: Immediate → Very High
Severity: Critical → Major

I really don't think this needs an Immediate priority. You can mitigate this entirely by disabling JavaScript, and there are so many other issues which are far worse that do not have such a priority. Immediate is used for something that actually requires immediate attention.

FWIW, I really don't think it's possible to defend against this and still have JavaScript enabled without breaking the internet. Just turn off JS if you want to mitigate this in its entirety.

comment:7 Changed 19 months ago by tokotoko

Cc: fdsfgs@… added