Re: [Tails-dev] todo/network_fingerprint

Poista viesti

Vastaa
Lähettäjä: adrelanos
Päiväys:  
Vastaanottaja: tails-dev
Aihe: Re: [Tails-dev] todo/network_fingerprint
intrigeri:
> Hi,
>
> adrelanos wrote (30 Jun 2013 14:01:04 GMT) :
>> intrigeri:
>>> If bridge mode (or whatever the censorship circumvention / Tails
>>> detection protection option is called) is enabled, then yes. Would you
>>> be willing to prepare a patch to our design/implementation doc that
>>> makes this clear?
>
>> I am happy to look at it.
>
> Great!


I made a mistake here, I read "review" a patch, which I understood as
looking at it.

Creating one is much harder. I don't match your fine way of sticking to
the point and I am always too verbose. :/

Anyhow, my best try:

(I could create a discussion page (no permission).)

I propose the following a a replacement for the Fingerprint chapter here:
https://tails.boum.org/contribute/design/#index4h1

# Fingerprint
Tails tries to make it as difficult as possible to distinguish Tails
users from other Tor users.

## Web Fingerprint
Iceweasel is configured to match the fingerprint of the Tor Browser
Bundle and the known differences, if any, are listed in the [known
issues](https://tails.boum.org/support/known_issues/index.en.html) page.

However the fact that different extensions are installed in Tails and in
the TBB surely allows more sophisticated attacks that usual fingerprint
as returned by tools such as https://panopticlick.eff.org/ and
http://ip-check.info/. For example, the fact that Adblock is removing
ads could be analysed.

## Network Fingerprint
>From the point of view of the local network administrator, Tails is

almost exclusively generating Tor activity and that is probably quite
different from other TBB users. We believe this would be hard to avoid.

If the censorship circumvention option (implemented as bridge mode) or
possible future Tails detection protection option is enabled, we want
the network fingerprint detection resistance, at least to the extend,
that it beats DPI boxes at least as good as the censorship circumvention
tool (implemented using pluggable transports) does.



And there https://tails.boum.org/contribute/design/Time_syncing
/#index5h1 I'd remove:

"Tails developers still need to think thoroughly of these questions: are
such fingerprinting possibilities a serious problem? What kind of
efforts and compromise should be made to prevent these?"


Cheers,
adrelanos