On 2013-08-20 2:33 PM, Tom Ritter wrote:
On 20 August 2013 14:26, Gervase Markham <g...@mozilla.org> wrote:
On 19/08/13 04:07, Brian Smith wrote:
What risk is there to a user of having a network eavesdropper able to
tell that they are using a particular browser? If I had an exploit for a
particular browser, I'd just try it anyway and see if it worked. That
seems to be the normal pattern.

One example is Tor: it tries to look like "a normal browser" so that it is
hard to detect that you are using Tor. And, if Tor is properly configured
then the network attacker will never see any non-TLS traffic.

But if Tor Browser is based on Firefox, then it'll have the same TLS
signature as Firefox anyway?

Not Tor Browser, but the Tor protocol itself.  For more information,
the spec document that deals with this is:
https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/198-restore-clienthello-semantics.txt

I expect if all the browsers change their ciphersuite selection, Tor will follow suit. Looking like an *old* browser would eventually become suspicious.

zw
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
