Skip to content

GitLab

  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • T Tor Browser
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 1,284
    • Issues 1,284
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 6
    • Merge requests 6
  • Deployments
    • Deployments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • Repository
  • Wiki
    • Wiki
  • Activity
  • Graph
  • Create a new issue
  • Commits
  • Issue Boards
Collapse sidebar
  • The Tor Project
  • Applications
  • Tor Browser
  • Issues
  • #12999

Closed
Open
Created Aug 29, 2014 by Arthur Edelstein@arthuredelstein

Use one clock skew per URL bar domain

When legacy/trac#3455 (moved) lands, Tor Browser will have a separate Identity (i.e., circuit) for each URL bar domain. JavaScript clock skew fingerprinting is one way attackers can try to link Identities. Tor Browser could counter this by maintaining a separate clock skew for each URL bar domain.

When the user browses to a new URL bar domain, Tor Browser would

  1. Create a new circuit
  2. Request clock time from exit node (already tied to Identity)
  3. Store clock skew in a one-to-one mapping of skews->URL bar domains
  4. Apply clock skew to any JS clock requests under that domain
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking