Opened 22 months ago

Last modified 10 months ago

#18379 new enhancement

Mouse Tracking Defenses in Tor Browser

Reported by: cypherpunks
Owned by: tbb-team
Priority: Very High
Component: Applications/Tor Browser
Severity: Major
Cc: tbb-team, nord-stream@…, fdsfgs@…

Description

Besides keystroke fingerprinting (already defended against by Tor Browser), another widely deployed tracking technique is mouse tracking, which measures a user's mouse position and movement in real time with JS. Every user has a unique behaviour pattern that allows correlation and deanonymization of users. This type of fingerprinting has been exploited by surveillance companies like Facebook and Microsoft for five years now. [2][3]

[1] https://en.wikipedia.org/wiki/Mouse_tracking
[2] https://nakedsecurity.sophos.com/2013/11/01/facebook-to-silent-track-users-cursor-movements-to-see-which-ads-we-like-best/
[3] http://www.slate.com/blogs/future_tense/2015/06/16/facebook_s_new_attention_tracking_feature_is_super_creepy.html

Child Tickets

Ticket | Type | Status | Owner | Summary
#18537 | enhancement | assigned | nickm | Resist keyboard and mouse biometrics and tracking

Change History (7)

comment:1 Changed 22 months ago by cypherpunks

Maybe this is already mitigated because you alter JS timing accuracy.

comment:2 Changed 21 months ago by cypherpunks

No, because not just short-time timing, but also cursor location, speed, direction and long-time timing are involved.

Some of the related fingerprinting methods are not easy to defend against. e.g. User A tends to click here after opening a link, etc. With recent advances in machine learning (e.g. deep learning) this kind of information is more valuable.

With that said, however, we can limit cursor position data without causing a major break because most important event handlers listen on click, mouseover, etc. Of course it may for example cause a glitch in script-generated tooltips.

Possibly the easiest option is making mouse position data opt-in in higher security settings (slider), like canvas data extraction.
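
As an added illustration of the tracking described above and the mitigation comment:2 proposes (this is example code, not code from the ticket or from Tor Browser), the block below models what a page script extracts from raw mousemove events (position, speed, heading, pauses) and a hypothetical shim that coarsens cursor position and time before the page sees them while passing click events through unchanged. The event stream, the grid size (25 px) and the tick (100 ms) are constructed for the example.

```javascript
// Added example, not code from the ticket or from Tor Browser: a minimal
// model of what a JS mouse tracker extracts from mousemove events (position,
// speed, heading, pauses) and a hypothetical mitigation of the kind comment:2
// suggests, coarsening cursor data before page scripts see it while leaving
// click events untouched. Runs under Node; events are constructed inline.

// Constructed sample: one user's mouse events (t in ms, x/y in CSS px),
// a short accelerating stroke, a pause, a small final adjustment, a click.
const SAMPLE_EVENTS = [
  { type: 'mousemove', t: 0,   x: 100, y: 200 },
  { type: 'mousemove', t: 16,  x: 104, y: 202 },
  { type: 'mousemove', t: 32,  x: 109, y: 205 },
  { type: 'mousemove', t: 48,  x: 115, y: 209 },
  { type: 'mousemove', t: 64,  x: 122, y: 214 },
  { type: 'mousemove', t: 80,  x: 130, y: 220 },
  { type: 'mousemove', t: 96,  x: 139, y: 227 },
  { type: 'mousemove', t: 300, x: 139, y: 227 }, // dwell before clicking
  { type: 'mousemove', t: 316, x: 141, y: 228 },
  { type: 'click',     t: 320, x: 141, y: 228, target: '#buy' },
];

// Tracker side: the per-segment statistics a fingerprinting script would
// feed to a classifier ("cursor location, speed, direction and long-time
// timing" in comment:2's words).
function extractFeatures(events) {
  const moves = events.filter(e => e.type === 'mousemove');
  const speeds = [], headings = [], dwells = [];
  for (let i = 1; i < moves.length; i++) {
    const dx = moves[i].x - moves[i - 1].x;
    const dy = moves[i].y - moves[i - 1].y;
    const dt = moves[i].t - moves[i - 1].t;
    if (dt <= 0) continue;                 // coalesced into the same tick
    const dist = Math.hypot(dx, dy);
    if (dist === 0) { dwells.push(dt); continue; }
    speeds.push(dist / dt);                // px per ms
    headings.push(Math.atan2(dy, dx));     // radians
  }
  const mean = a => (a.length ? a.reduce((s, v) => s + v, 0) / a.length : 0);
  return {
    meanSpeed: mean(speeds),
    // Distinct rounded headings: a crude proxy for how much path shape survives.
    distinctHeadings: new Set(headings.map(h => h.toFixed(2))).size,
    maxDwellMs: dwells.length ? Math.max(...dwells) : 0,
  };
}

// Defense side (hypothetical shim): snap mousemove position to a coarse grid
// and its timestamp to a coarse tick, so speed and heading collapse. Other
// event types are returned as-is, because click/mouseover handlers key off
// the target element rather than exact coordinates.
function coarsenEvent(ev, gridPx = 25, tickMs = 100) {
  if (ev.type !== 'mousemove') return ev;
  return {
    ...ev,
    x: Math.floor(ev.x / gridPx) * gridPx,
    y: Math.floor(ev.y / gridPx) * gridPx,
    t: Math.floor(ev.t / tickMs) * tickMs,
  };
}

// Wrap a page's listener so it only ever sees coarsened events; this is the
// boundary at which a browser-level defense would sit.
function withCoarsening(listener, gridPx, tickMs) {
  return ev => listener(coarsenEvent(ev, gridPx, tickMs));
}

// Run the same tracker against raw and coarsened streams for comparison.
function compareFingerprints(events = SAMPLE_EVENTS) {
  const seenRaw = [], seenCoarse = [];
  const rawTracker = ev => seenRaw.push(ev);
  const coarseTracker = withCoarsening(ev => seenCoarse.push(ev), 25, 100);
  for (const ev of events) { rawTracker(ev); coarseTracker(ev); }
  return { raw: extractFeatures(seenRaw), coarse: extractFeatures(seenCoarse) };
}

console.log(JSON.stringify(compareFingerprints(), null, 2));
```

On the constructed stream the raw tracker recovers a mean speed, six distinct headings and a 204 ms pause; after coarsening, every segment either collapses into one tick or has zero displacement, so speed and heading vanish and only a 300 ms pause survives. The same coarsening is what makes script-generated tooltips glitch, as comment:2 notes: they position themselves from the same coordinates.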

comment:3 Changed 17 months ago by nord-stream

Cc: nord-stream@… added

comment:4 Changed 14 months ago by jessRD

You are right; I am more than sure it will cause a glitch in script-generated trigger.
Same issue with | Pimion - essay writers

Last edited 13 months ago by jessRD

comment:5 Changed 14 months ago by ufd33

Priority: Very High → Immediate

comment:6 Changed 12 months ago by cypherpunks

Priority: Immediate → Very High
Severity: Critical → Major

I really don't think this needs an Immediate priority. You can mitigate this entirely by disabling JavaScript, and there are so many other issues which are far worse that do not have such a priority. Immediate is used for something that actually requires immediate attention.

FWIW, I really don't think it's possible to defend against this and still have JavaScript enabled without breaking the internet. Just turn off JS if you want to mitigate this in its entirety.

comment:7 Changed 10 months ago by tokotoko

Cc: fdsfgs@… added