This extension requires extended validation SSL certificates to show the green status.
Otherwise it shows a yellow status. For HTTP, it shows a red status. This is not an accurate representation of the security of Tor onion sites (hidden services) - even if they use HTTP, they're secure (as long as the address is correct).
SECUSO_Kristoffer, do you have plans to add a check for onion sites to your extension?
Also, it chooses one of ten random images per-user. This could be a fingerprinting vector:
is it loaded from a remote site?
what happens when a Tor Browser user selects "new identity" (or quits and reopens the browser)?
do we choose a new image at random, destroying the utility of this feature?
or do we preserve the image, providing a fingerprinting vector?
or do we just use one symbol for Tor Browser users? Then it would be easy to fake based on the user agent.
Currently, like you said, PassSec shows a wrong indicator on onion sites. We plan to add an additional case to mark these sites as safe.
Regarding your second question on the icons: No third party content is loaded. All icons/images are included within this add-on. The user's choice of any specific icon is therefore not leaked. All computations are local, like the different indicators. PassSec checks if https is available on a specific website by sending a request to the site the user currently visits. PassSec injects the icons locally based on the analysis of the website and the request.
If you have any further questions please comment again. Thanks.
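As an added illustration (not PassSec's own code) of the indicator rules discussed in this thread plus the extra onion case, the classifier below maps a page URL and a certificate summary to green/yellow/red; the `url` and `certInfo` inputs are assumptions for this example.

```javascript
// Added example, not code from the PassSec add-on. It encodes the rules
// described in the thread: EV cert -> green, other https -> yellow,
// http -> red, and the requested extra case: .onion hosts -> green
// regardless of scheme, since the onion address itself authenticates the site.
const STATUS = { GREEN: "green", YELLOW: "yellow", RED: "red" };

function isOnionHost(hostname) {
  // Matches "example.onion" and any subdomain of it, case-insensitively;
  // "onion.example.com" does not match.
  return /(^|\.)onion$/i.test(hostname);
}

// certInfo is an assumed shape: { ev: boolean } for https pages, null otherwise.
function classify(urlString, certInfo) {
  let url;
  try {
    url = new URL(urlString);
  } catch (e) {
    return STATUS.RED; // unparsable input is treated as the least trusted case
  }
  if (isOnionHost(url.hostname)) return STATUS.GREEN; // onion: safe even over http
  if (url.protocol !== "https:") return STATUS.RED;
  if (certInfo && certInfo.ev === true) return STATUS.GREEN;
  return STATUS.YELLOW; // https without extended validation
}
```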
Thanks!
The random, persistent choice of icon is vulnerable to server probing via HTML Canvas, and perhaps other mechanisms.
If it's made persistent on disk, it's also vulnerable to file fingerprinting, allowing forensic analysis to discover the choice of icon even if Tor is restarted or "new identity" is chosen.
Thanks for the answer. What do you think of the following idea: We keep the highlighted password and form fields but we remove the yellow/green icons. The warning dialogs should be fine as well because they are the same for every user.
(Sorry for replying with a new account but I wasn't able to reset my password)