Opened Mar 25, 2019 by Trac@tracbot

Potential user activity data leak

The user preferences file at ./Browser/TorBrowser/Data/Browser/profile.default/prefs.js contains data that can be used to tie anonymous activity via Tor in a certain time period to a particular user. This information may serve as additional evidence and help repressive regimes to identify activists and whistleblowers.

The most sensitive data is contained in the following parameters:

  • toolkit.startup.last_success - time of last successful browser startup.
  • browser.laterrun.bookkeeping.profileCreationTime - profile creation time, i.e. when this browser was started for the first time.

All other parameters listed below are regularly updated during the browser's run. Given their quantity, they may serve as a pretty reliable indication of when this particular user was online.

  • app.update.lastUpdateTime.addon-background-update-timer
  • app.update.lastUpdateTime.background-update-timer
  • app.update.lastUpdateTime.blocklist-background-update-timer
  • app.update.lastUpdateTime.browser-cleanup-thumbnails
  • app.update.lastUpdateTime.experiments-update-timer
  • app.update.lastUpdateTime.search-engine-update-timer
  • app.update.lastUpdateTime.xpi-signature-verification
  • extensions.blocklist.lastModified
  • extensions.torbutton.lastUpdateCheck
  • idle.lastDailyNotification
  • media.gmp-manager.lastCheck
  • places.database.lastMaintenance
  • storage.vacuum.last.places.sqlite
  • app.update.lastUpdateTime.xpi-signature-verification

If there are any other such parameters, they may pose a security risk as well.

As a possible solution, we propose that these parameters should not be updated at all, and the browser should treat every time it is run as the first.

Trac:
Username: pf.team
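
An added example, not part of the original report or of Tor Browser's code: a Python script that audits the text of a prefs.js for the persisted times the report lists, and also flags any unlisted pref whose value looks like a Unix timestamp (the "any other such parameters" case). Reading bare integers as epoch seconds or milliseconds is an assumption, and the sample lines and the pref name `example.hypothetical.lastSeen` are constructed for illustration.

```python
import re
from datetime import datetime, timezone

# Pref names copied from the issue text above.
LISTED = {
    "toolkit.startup.last_success",
    "browser.laterrun.bookkeeping.profileCreationTime",
    "extensions.blocklist.lastModified", "extensions.torbutton.lastUpdateCheck",
    "idle.lastDailyNotification", "media.gmp-manager.lastCheck",
    "places.database.lastMaintenance", "storage.vacuum.last.places.sqlite",
}
LISTED_PREFIX = "app.update.lastUpdateTime."  # covers the listed timer entries
PREF_RE = re.compile(r'^user_pref\("([^"]+)",\s*(.*)\);\s*$', re.MULTILINE)
# Assumption: an integer in this range is Unix time in seconds (2001 to 2100).
EPOCH_MIN, EPOCH_MAX = 978_307_200, 4_102_444_800

def as_utc(raw):
    """ISO-8601 UTC string if raw looks like epoch seconds or milliseconds, else None."""
    digits = raw.strip('"')
    if not (digits.isascii() and digits.isdigit()):
        return None
    n = int(digits)
    if n >= EPOCH_MIN * 1000:  # assumption: values this large are milliseconds
        n //= 1000
    if EPOCH_MIN <= n <= EPOCH_MAX:
        return datetime.fromtimestamp(n, tz=timezone.utc).isoformat()
    return None

def audit_prefs(text):
    """Return (name, raw, utc_or_None, listed) for every pref that persists a time."""
    findings = []
    for name, raw in PREF_RE.findall(text):
        listed = name in LISTED or name.startswith(LISTED_PREFIX)
        utc = as_utc(raw)
        if listed or utc:  # unlisted prefs are flagged by value alone
            findings.append((name, raw, utc, listed))
    return findings

# Constructed sample, not taken from a real profile; the last pref name is hypothetical.
SAMPLE = """\
user_pref("toolkit.startup.last_success", 1553500800);
user_pref("app.update.lastUpdateTime.background-update-timer", 1553504400);
user_pref("extensions.blocklist.lastModified", "Mon, 25 Mar 2019 08:00:00 GMT");
user_pref("browser.startup.homepage", "about:tor");
user_pref("example.hypothetical.lastSeen", "1553508000000");
"""

if __name__ == "__main__":
    for name, raw, utc, listed in audit_prefs(SAMPLE):
        print(f"{'listed' if listed else 'other '}  {name} = {raw}  -> {utc or 'not epoch'}")
```

Listed prefs with non-numeric values, such as the date string in `extensions.blocklist.lastModified`, are still reported with their raw value so the reviewer can read the time directly.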

Reference: tpo/applications/tor-browser#29887