Something I noticed some time ago while doing diffs. We have:
user_pref("network.proxy.socks_remote_dns", true);
just in case users access the Tor network from Firefox, but we also have:
user_pref("privacy.donottrackheader.enabled", true);
...which is default false in TBB, therefore it would make such FF users more unique. I am aware that there are other factors like PB mode, and even some extensions that can set the DNT header regardless of this pref, but maybe there should be a little note/warning there like:
/* 1610: ALL: enable the DNT (Do Not Track) HTTP header
* [SETTING] Privacy & Security>Content Blocking>Send websites a "Do Not Track"...
* [NOTE] DNT is enforced with TP (see 0420) regardless of this pref
* [NOTE] Set to false if connecting over the Tor network ***/
user_pref("privacy.donottrackheader.enabled", true);
or, if you (we?) don't support Firefox over Tor, maybe it would help to add a little statement somewhere making that fact very clear and shortly explaining why. Maybe in 0704, like:
/* 0704: enforce the proxy server to do any DNS lookups when using SOCKS
* e.g. in TOR, this stops your local DNS server from knowing your Tor destination
* as a remote Tor node will handle the DNS request
* [1] http://kb.mozillazine.org/Network.proxy.socks_remote_dns
* [2] https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/WebBrowsers
* [NOTE] We do *not* support connecting over Tor on Firefox because a number of settings and
characteristics differ from the TBB and they can make you more easily identifiable ***/
user_pref("network.proxy.socks_remote_dns", true);
Whatcha think?
claustromaniac
All 18 comments
I do not want to encourage anyone to connect over tor except with the Tor Browser.Let's not encourage stupidity - let's add that in the user.js
Edit: top line of the whole user.js ... if you require Tor, then use thew Tor Browser
Thorin-Oakenpants
on 22 Nov 2018
DNT is a bitch. For some reason Georg at Tor hates DNT with a passion, whereas others, like Arthur, simply see it as a metric to be dealt with. Read 1466025
Anyway, regardless of TBB vs FF over Tor, they are already super easy to distinguish - I can think of at least 5 ways right now (and there are probably several dozen).
Thorin-Oakenpants
on 22 Nov 2018
OT: super easy way to detect PB Mode: https://bugzilla.mozilla.org/show_bug.cgi?id=1506680#c6 (for earthlng if he wants to built his own little PoC and share)
Thorin-Oakenpants
on 22 Nov 2018
Also, we could add a line & link in the readme.md, something like:
If required, use (hyperlinked) the Tor Browser (hidden services, threat model). We do not recommend connecting over Tor on Firefox
Thorin-Oakenpants
on 23 Nov 2018
Anyway, regardless of TBB vs FF over Tor, they are already super easy to distinguish - I can think of at least 5 ways right now (and there are probably several dozen).
I haven't looked at the differences too closely myself, but if it is so easy in general to tell two Firefox users apart, I can imagine how it is to distinguish TBB vs FF over Tor. Besides, I would never use FF without extensions, and I guess most Tor users don't use additional addons - that alone should make such users rather unique.
I just remembered that there's also 1607 for the Firefox-over-Tor scenario, which seems like another good reason to add these warnings. Otherwise it can be (mis)interpreted as a safe/acceptable practice privacy-wise.
Edit: I'll do a PR (unless someone beats me to it, that is).
claustromaniac
on 23 Nov 2018
top line of the whole user.js ...
if you require Tor, then use thew Tor Browser
Moving any of the 4 upper lines would require some minor modifications in the updater scripts (not a problem, just FYI).
(hidden services, threat model)
Are those meant to be hyperlinks as well?
claustromaniac
on 23 Nov 2018
Umm, I was exaggerating. We do not need to use the top line of the user.js. Use this
```* README:
- Consider using the Tor Browser. Blah blah.. what should we put here. Something short
- READ the full README
- READ this
```
Its no longer called TBB, they dropped the Bundle bit
Thorin-Oakenpants
on 23 Nov 2018
Are those meant to be hyperlinks as well?
no. it was just an example sentence. We should have one hyperlink for Tor Browser and point ot the official Tor website: https://www.torproject.org/projects/torbrowser.html.en
But I would like a second, official link that explains moar. Let's find one
Thorin-Oakenpants
on 23 Nov 2018
this is quite a cool page: https://www.torproject.org/about/torusers.html.en to use with threat model
I'm sure you will come up with something for the repo's readme.md
Thorin-Oakenpants
on 23 Nov 2018
OT: super easy way to detect PB Mode: https://bugzilla.mozilla.org/show_bug.cgi?id=1506680#c6 (for earthlng if he wants to built his own little PoC and share)
Here's a really simple test page that successfully determines whether or not you are using private browsing mode:
https://gist.github.com/overdodactyl/934ab50cad62166e3a108210e141bcc8
overdodactyl
on 24 Nov 2018
See how you like this, :jeans:
https://github.com/ghacksuserjs/ghacks-user.js/compare/master...FF-over-Tor-warnings
I may be a bit too long/wordy. Check the grammar, too (I'm no native english speaker, as you already know).
I still can't make up my mind about the bit in the user.js. I agree that it would be nice to add something there, but if we keep that part of the README as I wrote it, whatever we put in the mini readme in the user.js will get redundant (because step 1 is Read the full README). I guess I still lean toward adding small warnings in the sections that could be misinterpreted, or reword them in a way that makes it clear that we do not recommend using Firefox over Tor.
claustromaniac
on 24 Nov 2018
@claustromaniac - looks good to me, except be careful with that bullet thing - we still want https://ghacksuserjs.github.io/ghacks-user.js/ to show them. If you screw it up, you have to fix it :)
Thorin-Oakenpants
on 24 Nov 2018
PS: what happened to user.js readme numbered item 0
Thorin-Oakenpants
on 24 Nov 2018
be careful with that bullet thing - we still want https://ghacksuserjs.github.io/ghacks-user.js/ to show them.
I'm not sure it will work, but I say let's find out if GitHub is as smart as I think it is ;)
what happened to user.js readme numbered item 0
That's what I couldn't make up my mind about (read above).
claustromaniac
on 24 Nov 2018
@overdodactyl - see https://github.com/ghacksuserjs/ghacks-user.js/issues/550#issuecomment-441342493
Thorin-Oakenpants
on 24 Nov 2018
That's what I couldn't make up my mind about (read above).
:-1:
1. READ the full README...
2. READ this...
3. If you skipped steps 1 and 2 above (shame on you), then here is the absolute minimum
* Consider using Tor Browser if it meets your needs or fits your threat model better
- https://www.torproject.org/about/torusers.html.en
* Auto-installing...
Hate it. It's not as prominent, I don't like. It should really be the first step, i.e picking the right tool. I don't mind it as step 0, and anyway, part 3 is about using this user.js (so what if the readme ALSO warns people to pick the right tool)
:+1:
0. Consider using Tor Browser if it meets your needs or fits your threat model better
* https://www.torproject.org/about/torusers.html.en
1. READ the full README
Just roll with it :cat2:
Thorin-Oakenpants
on 24 Nov 2018
Dang. The bullets are gone. That's disappointing, GitHub!
EDIT: false alarm, check it out it woooooooooorked!
claustromaniac
on 24 Nov 2018
I think I'll assign you all the other open tickets
Did I not see that coming?. I'll un-assign myself just as fast. 卢卢
claustromaniac
on 24 Nov 2018
Related issues
Thorin-Oakenpants
路
5Comments
hunkjazz
路
5Comments
Thorin-Oakenpants
路
7Comments
crssi
路
4Comments
TerkiKerel
路
4Comments
Most helpful comment
I do not want to encourage anyone to connect over tor except with the Tor Browser.Let's not encourage stupidity - let's add that in the user.js
Edit: top line of the whole user.js ...
if you require Tor, then use thew Tor Browser