Tor browser deanonymization/fingerprinting via cached intermediate CAs
Hi,
I get different results testing https://fiprinca.0x90.eu/poc/ in a fresh Tor browser than in the Tor browser I've been using to browse the web for a bit. (Both are running as Qubes disposable VMs so I haven't tested persistence).
Expected behaviour: my Tor browser (version "6.5, based on Mozilla Firefox 45.7.0") should not leak information about what sites I've visited.
Actual behaviour: I see four cached CAs in the "warmed" browser, leaking information about what sites I've visited.
Version: 6.5
https://shiftordie.de/blog/2017/02/21/fingerprinting-firefox-users-with-cached-intermediate-ca-certificates-fiprinca/ has a writeup by the author.
To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information