Resolution fingerprinting possible with Tor Browser Bundle
There seems to be a major problem in terms of screen size (resolution) fingerprinting possibility - checked on https://panopticlick.eff.org:
E.g., plain Firefox 33.1.1 on WinXP SP3 Home 32 bit is shown as 1024x600x24, independently of whether the menu bar is shown or not.
On the other hand, torbrowser-install-4.0.1_en-US.exe on the same machine causes following instead:
- With menu bar shown (default): 1024x476x24 ("one in 1183729.75 browsers have this value")
- With menu bar disabled: 1024x499x24 ("one in 175367.48 browsers have this value")
As far as I remember, pre-4.0 versions of TBB had some hard-coded commonly used value, such as 1024x768x24 or something.