New cross-browser fingerprinting method
This isnt really an enhancement, but is everyone here aware of this new cross-browser fingerprinting method? Have there been any tests of the current Tor Browser's resistance to this?
https://arstechnica.com/information-technology/2017/02/now-sites-can-fingerprint-you-online-even-when-you-use-multiple-browsers/ http://yinzhicao.org/TrackingFree/crossbrowsertracking_NDSS17.pdf
If already discussed elsewhere, redirect to relevant ticket.
I tested the uniquemachine.org webpage on the Tor Browser on a computer running Windows10 and it got stuck on 'fingerprinting GPU' and the display of graphics - probably due to webGL disabled but i cant be sure.
In terms of defenses to this:
- Disabling javascript is the obvious. webGL is already disabled by default in the Tor Browser, so all ok there ?
- disabling the microphone is another measure. i cant see that Windows10 has the option to disable speakers aside from turning the volume down to 0 for all apps, or for just for the Tor Browser.
- Is running the Tor Browser in a virtual machine kind of overkill to be completely sure of preventing this (and other) cross-browser fingerprinting?
Trac:
Username: thelamper