On Thursday, June 9, 2016 at 9:16:27 PM UTC+2, entr0py wrote:
> The point of my previous post was that Tor Browser resolution is *not* the > same among all Tor Browsers. The reason your Tor Browser defaults to > 1000x600 at startup is precisely because your screen resolution is 1366x768 > (my first guess was 1280x720 but that might drop you to 1000x500). 1000 is > the max width and 600 is the max vertical your screen resolution supports > (when you take into account taskbars, menu bars, tab bars, etc.) One guy > turned his 1920x1200 monitor sideways, which basically meant he was using a > unique browser. Even more dangerous is the fact that you can resize your > Tor Browser to any unique value that you want (fix in progress: > https://trac.torproject.org/projects/tor/ticket/14429). > > As long as https://github.com/QubesOS/qubes-issues/issues/1856 still > produces multiples of 200x100 screens, then it's more of an annoyance > rather than a catastrophic bug. Instead of being lumped together with the > Tor Browser users you were expecting, you're be grouped with other Tor > Browser users instead. (Still useful to know why it happens though.) > Oh I see, so it's not always 1000x600. In that case, it makes little sense to me. what's exactly the point of converting 1920x1080 to 1800x1000 and 1366x768 to 1000x600 etc. I suppose it deals with the fact that different platforms have different taskbar sizes so it's not actually 1920x1080 - 10 or so pixels? > > > Of course it would be so much easier if one could just have an 'insider > > look' at the NSA so we know exactly what they're using to track Tor > users > > :) Passive timing correlation seems somewhat far fedged to me since > nodes > > are scattered across the globe. hacking into the endpoint seems most > > plausible but that doesn't work so well on Whonix.. > > Not that far-fetched - it's the motivation behind persistent entry guards. > Nodes may be scattered across the globe but your packets are being streamed > through one circuit at a time - each packet doesn't route randomly all over > the world. The packets in each of your streams can be correlated. Also, no > one needs to hack into your machine. While you may have your machine locked > down and airtight, do you share the same confidence about your ISP? Your > ISP is one of your endpoints too :) (They might even be a cooperative > endpoint.) > Hmm yes, I suppose you're right. I'm using a VPN (from bitmask.net) in addition to Tor. Not sure to what extend that helps against traffic correlation but it doesn't hurt to have as an additional layer. -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/7d6dbaa0-e8ea-482d-addb-f5481cd42e1c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
