Feature #5975

Update design documentation about network fingerprinting

Added by Tails 2013-07-18 07:48:53 . Updated 2018-02-06 18:03:09 .

Status:
Rejected
Priority:
Normal
Assignee:
Category:
Target version:
Start date:
Due date:
% Done:

0%

Feature Branch:
Type of work:
Contributors documentation
Blueprint:

Starter:
0
Affected tool:
Deliverable for:

Description

Discussion:

[Tails-dev] todo/network_fingerprint

Original:

https://tails.boum.org/contribute/design/#index4h1

3.11 Fingerprint

Tails tries to make it as difficult as possible to distinguish Tails users from other Tor users.

Iceweasel is configured to match the fingerprint of the Tor Browser Bundle and the known differences, if any, are listed in the known issues page.

However the fact that different extensions are installed in Tails and in the TBB surely allows more sophisticated attacks that usual fingerprint as returned by tools such as https://panopticlick.eff.org/ and http://ip-check.info/. For example, the fact that Adblock is removing ads could be analysed.

From the point of view of the local network administrator, Tails is almost exclusively generating Tor activity and that is probably quite different from other TBB users. We believe this would be hard to avoid. Other possible fingerprint issues on the LAN or ISP exist but we believe they would be harder to detect. See the discussion on fingerprinting in the Time sync design document and the fingerprint documentation.

Proposed change:

Fingerprint

Tails tries to make it as difficult as possible to distinguish Tails users from other Tor users.

Web Fingerprint

Iceweasel is configured to match the fingerprint of the Tor Browser Bundle and the known differences, if any, are listed in the known issues page.

However the fact that different extensions are installed in Tails and in the TBB surely allows more sophisticated attacks that usual fingerprint as returned by tools such as https://panopticlick.eff.org/ and http://ip-check.info/. For example, the fact that Adblock is removing ads could be analyzed.

Network Fingerprint

From the point of view of the local network administrator, Tails is almost exclusively generating Tor activity and that is probably quite different from other TBB users. We believe this would be hard to avoid.

If the censorship circumvention option (implemented as bridge mode) or possible future Tails detection protection option is enabled, we want the network fingerprint detection resistance, at least to the extend, that it beats DPI boxes at least as good as the censorship circumvention tool (implemented using pluggable transports) does.

And there https://tails.boum.org/contribute/design/Time_syncing /#index5h1 I’d remove:

"Tails developers still need to think thoroughly of these questions: are such fingerprinting possibilities a serious problem? What kind of efforts and compromise should be made to prevent these?"

Subtasks

Related issues

Blocks Tails - Feature #5773: Revisit network fingerprinting design wrt. NTP Confirmed

History

#1 Updated by intrigeri 2013-07-19 09:45:45

  • Subject changed from design fingerprint update to update network fingerprint design documentation
  • Starter set to No

#2 Updated by sajolida 2013-07-19 09:54:01

  • Assignee set to sajolida

#3 Updated by sajolida 2013-09-29 01:33:16

  • Status changed from Confirmed to Resolved

The current documentation on fingerprinting already mentions:

  • The fact that a powerful attacker on the destination side can distinguish between Tails and TBB since they behave differently regarding advertisement.
  • The fact that Tails might look suspicious on the LAN side because it generates only Tor traffic.

So I’m closing that ticket. Did I missed something?

#4 Updated by intrigeri 2013-09-29 02:40:24

I’m unsure the current design doc accurately reflects the decisions made at Tails summit 2012. E.g. on the web side of things, IIRC we decided we cared about what a webmaster / web server admin can see, but not so much about what an exit node operator can see (e.g. this explained why we keep shipping an ad blocker). I cannot find anything that precise in the current design doc. This is the kind of things this ticket was about, but unfortunately, I can’t find the meeting notes — perhaps the person (anonym) who was supposed to adapt the design doc has personal notes?

#5 Updated by sajolida 2013-10-09 10:02:39

  • Status changed from Resolved to In Progress
  • Assignee changed from sajolida to anonym

#6 Updated by intrigeri 2014-06-21 13:23:24

  • Subject changed from update network fingerprint design documentation to Update design documentation about network fingerprinting

#7 Updated by intrigeri 2014-06-21 14:40:43

  • blocks Feature #5773: Revisit network fingerprinting design wrt. NTP added

#8 Updated by BitingBird 2015-01-11 01:11:52

  • Type of work changed from End-user documentation to Contributors documentation

#9 Updated by BitingBird 2015-02-23 09:59:47

The ticket description speaks a lot about FF/TBB… and we’re now shipping TBB. We still have Adblock and maybe some other differences, but probably minor.

#10 Updated by anonym 2017-03-02 10:07:13

  • Assignee deleted (anonym)

#11 Updated by Anonymous 2018-01-15 14:23:39

  • Status changed from In Progress to Rejected

This ticket does not seem relevant anymore -> closing.

#12 Updated by intrigeri 2018-02-06 18:03:09

  • Target version deleted (Hole in the Roof)