Opened 3 months ago

Last modified 6 weeks ago

#30543 new defect

device orientation leaks

Reported by: Thorin Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: tbb-fingerprinting, tbb-mobile
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

RFP spoofs landscape on devices

However css @media orientation and also matchMedia leak - see upcoming attached pic where RFP=on, the phone is in reality in portrait mode. Orientation = landscape (spoofed), but the others say otherwise

mdn (this is what gets spoofed)
https://developer.mozilla.org/en-US/docs/Web/API/Screen/orientation#Example

var orientation = screen.msOrientation || (screen.orientation || screen.mozOrientation).type;

css (leaks)

@media (orientation:portrait){#YourID:after{content:"portrait";}}
@media (orientation:landscape){#YourID:after{content:"landscape";}}

matchMedia (leaks)

function mediaOrientation() {
  if (window.matchMedia("(orientation: portrait)").matches) return "portrait";
  if (window.matchMedia("(orientation: landscape)").matches) return "landscape";
}

[1] https://ghacksuserjs.github.io/TorZillaPrint/TorZillaPrint.html#screen
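As an added illustration (not code from the ticket or from Tor Browser), the following script cross-checks the three orientation signals the report names: the Screen Orientation API value that RFP spoofs, the matchMedia result, and the generated content of a CSS @media orientation rule. The pure checker takes already-collected readings and reports which channels disagree with the API value, so it can be run anywhere; the collector only runs in a browser and uses a hypothetical probe element id of its own.

```javascript
// Added example: detect disagreement between the orientation channels
// discussed in the ticket. The probe element id "orientProbe" and the
// readings object shape are assumptions of this example, not part of
// any browser API.

// Map any orientation string ("portrait-primary", "Landscape", ...) to
// "portrait", "landscape", or null when it is not recognisable.
function normalizeOrientation(value) {
  if (typeof value !== "string") return null;
  const v = value.toLowerCase();
  if (v.startsWith("portrait")) return "portrait";
  if (v.startsWith("landscape")) return "landscape";
  return null;
}

// Compare the spoofable API value against the two channels the ticket
// says leak. A channel is listed in `leaks` when it contradicts the API.
function checkOrientationConsistency(readings) {
  const api = normalizeOrientation(readings.screenOrientation);
  const mq = normalizeOrientation(readings.matchMedia);
  const css = normalizeOrientation(readings.cssGenerated);
  const leaks = [];
  if (api && mq && mq !== api) leaks.push("matchMedia");
  if (api && css && css !== api) leaks.push("css");
  return { api, matchMedia: mq, css, consistent: leaks.length === 0, leaks };
}

// Browser-only collector. Injects a rule equivalent to the ticket's CSS,
// reads the generated ::after content, then queries the other two channels.
// Returns null outside a browser so the checker can be exercised on its own.
function collectOrientationReadings(doc = globalThis.document) {
  if (typeof window === "undefined" || !doc) return null;
  const style = doc.createElement("style");
  style.textContent =
    '@media (orientation:portrait){#orientProbe:after{content:"portrait";}}' +
    '@media (orientation:landscape){#orientProbe:after{content:"landscape";}}';
  const probe = doc.createElement("div");
  probe.id = "orientProbe";
  doc.head.appendChild(style);
  doc.body.appendChild(probe);
  const cssGenerated = getComputedStyle(probe, ":after").content.replace(/"/g, "");
  probe.remove();
  style.remove();
  const screenOrientation =
    (screen.orientation || {}).type || screen.mozOrientation || screen.msOrientation;
  const matchMediaResult = window.matchMedia("(orientation: portrait)").matches
    ? "portrait"
    : "landscape";
  return { screenOrientation, matchMedia: matchMediaResult, cssGenerated };
}

// Constructed sample matching the situation in the attached screenshot:
// API spoofed to landscape while the device is really in portrait.
const sampleReadings = {
  screenOrientation: "landscape-primary",
  matchMedia: "portrait",
  cssGenerated: "portrait",
};
const sampleResult = checkOrientationConsistency(sampleReadings);

if (typeof window !== "undefined") {
  console.log(checkOrientationConsistency(collectOrientationReadings()));
} else {
  console.log(sampleResult); // consistent: false, leaks: ["matchMedia", "css"]
}
```

Loaded in a page with RFP enabled, `collectOrientationReadings()` followed by `checkOrientationConsistency()` gives a one-line summary of whether the spoof is coherent; a non-empty `leaks` array is the condition the ticket reports.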

Child Tickets

Attachments (1)

dev-orientation.png (102.5 KB) - added by Thorin 3 months ago.


Change History (5)

Changed 3 months ago by Thorin

Attachment: dev-orientation.png added

comment:1 Changed 3 months ago by gk

Keywords: tbb-mobile added

comment:2 Changed 8 weeks ago by sysrqb

This one is tricky. I'm not sure if spoofing the device orientation is really important, but I think we should be consistent. We should either spoof all of these values or none of them.

comment:3 Changed 8 weeks ago by Thorin

Orientation wouldn't even be a stable metric, IMO: and most mobile device users would orientate the same per site: i.e. it is driven by content? I've never seen it in any fp scripts, TBH.

I'm not hardware savvy: but do laptop and desktop support this, e.g. with rotating screens? We could ignore android, and only apply orientation to win/mac/linux, i.e. at least apply landscape to css media orientation like we do for the two css media resolutions. matchMedia I'm not sure about. And there will be other methods, I'm sure.

Or we could not bother. Going full screen will leak orientation. A lot of desktop/laptop users (I assume, once letterboxing is implemented: even if that only enhances rather than replaces new win sizes) will go FS, maximize, or resize to match orientation to get real estate usage: i.e. inner window = your orientation. So I think it may be a losing battle. I also wonder how much this may affect functionality on some sites. And lastly, the solution IMO is Tor uptake: e.g. tripling the user base etc. simplistically negates what we do here now.

+1 for not spoofing orientation

comment:4 Changed 6 weeks ago by tom

I'm not hardware savvy: but do laptop and desktop support this, e.g. with rotating screens? We could ignore android, and only apply orientation to win/mac/linux, i.e. at least apply landscape to css media orientation like we do for the two css media resolutions. matchMedia I'm not sure about. And there will be other methods, I'm sure.

I tested with my Windows Surface tablet: yes desktop will reveal the orientation if you have it non-standard and yes there are open leaks where RFP doesn't work.

So this might be a WONTFIX for mobile (which I agree with) but it is an active open issue on desktop that makes a few people look quite unique. We should open a bugzilla bug for these if we don't have one...
