Bug #11257
Feature Request: Anti-Keystroke Fingerprinting Tool
0%
Description
Keystroke fingerprinting works by measuring how long keys are pressed and the time between presses. Its very high accuracy poses a serious threat to anonymous users.[1]
This tracking technology has been deployed by major advertisers (Google, Facebook), banks and massive online courses. Its also happening at a massive scale because just using an interactive JS application in presence of a network adversary that records all traffic allows them to construct biometric models for virtually everyone (think Google suggestions) even if the website does not record these biometric stats itself.[2] They have this data from everyone’s clearnet browsing and by comparing this to data exiting the Tor network they will unmask users.
As a countermeasure security researcher Paul Moore created a prototype Chrome plugin known as KeyboardPrivacy. It works by caching keystrokes and introducing a random delay before passing them on to a webpage.[3] Unfortunately there is no source code available for the add-on and the planned Firefox version has not surfaced so far. There are hints that the author wants to create a closed hardware solution that implements this which does not help our cause.
A very much needed project would be to write a program that mimics the functionality of the this add-on but on the display server / OS level. Ideally the solution would be compatible with Wayland for the upcoming transition in the near future.
[1] http://arstechnica.com/security/2015/07/how-the-way-you-type-can-shatter-anonymity-even-on-tor/
[2] http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=7358795
Subtasks
History
#1 Updated by Dr_Whax 2016-03-17 16:33:06
- Priority changed from High to Low
While I agree that we’d like something like this.. somebody has to do the actual work. Most probably, these people won’t be us since were over occupied. But we welcome contributions to make this happen! Maybe one could apply to Tor Project GSOC to make a start?
Lowering priority to low since we won’t do the work.
#2 Updated by mercedes508 2016-03-17 16:46:19
- Status changed from New to Confirmed
#3 Updated by sajolida 2016-03-18 14:59:55
- Assignee set to bancfc
- QA Check set to Info Needed
Is this relevant outside of the browser? If so in which cases? Otherwise why couldn’t this be solved in the browser only?
#4 Updated by bancfc 2016-03-18 21:45:52
Unfortunately not yet fixed in Tor Browser.
Quote Dr. Steven Murdoch, Researcher and Developer
Tor Browser does reduce the precision of the Javascript timers available for fingerprinting, but Runa’s experiment shows that this is not sufficient to defeat the attack.
It’s very useful to have it fixed on the OS level, then even compromised containers could not perform keystroke fingerprinting. Another reason is, that other applications (chat clients come to mind) and others that implement javascript one or another way, may be leaking this also. So having this fixed in Tor Browser is nice but non-ideal.
#5 Updated by BitingBird 2016-06-26 12:03:18
- Affected tool set to Browser
#6 Updated by Anonymous 2017-06-30 10:26:26
- QA Check deleted (
Info Needed)
According to https://www.torproject.org/projects/torbrowser/design/ paragraph 20
TorBrowser has patched Firefox in order to avoid fingerprinting. Quoting this document: “Implementation Status: We clamp keyboard event resolution to 100ms with a Firefox patch.”
Patch: https://gitweb.torproject.org/tor-browser.git/commit/?h=tor-browser-45.8.0esr-6.5-2&id=1febc98f7ae5dbec845567415bd5b703ee45d774
I believe that this issue should be solved in TorBrowser in any case.
So I wonder @bancfc, does this resolve this ticket or are you still missing some information?
#7 Updated by Anonymous 2018-08-17 16:04:33
- Status changed from Confirmed to Rejected
No news in a year and abovementioned fix. Rejecting. Feel free to reopen if necessary.