In the past I have used a Firefox plugin called "Better Privacy" to try to push 
back against multi-front user fingerprinting and analysis mechanisms such as 
the kind used by large advertising and user demographics companies which 
include the abuse of Flash LSOs, HTML5 local storage, Silverlight, et al to 
confirm that the same user is browsing along a website or a distributed ad 
network even when they "clear private data" or use incognito mode, even when 
they switch to different browsers installed on the same machine, even if 
they're using coffee shop wifi or VPNs so that they appear from different IP 
addresses, etc.

The take home being that it only takes one (1) fingerprint hit through one (1) 
of the avenues available to tracking organizations to confirm that they are 
dealing with the same end-user (or household unit, or something close enough to 
pad their toxic dossier with) and thus to link every cookie fingerprint that 
they know for this user across both domains under the same umbrella.

A pretty thorough look at all of the strategies that I am at least aware of can 
be had at this url:

So I am curious to what extent Qubes security domains may be sufficiently 
complete as to defeat potentially all of these mechanisms simultaneously? 
Especially if end-user configures one or more domains to pipe all network 
traffic over a VPN or tor to additionally differentiate their IP address?

I am especially interested to hear about how Qubes security domains interact 
with Flash LSOs, and .. whatever-it-is that Silverlight and other multi-browser 
plugins do, and whether *that* data leaks between domains. :/

Thank you for any insight you guys may have on this matter, as it sounds like 
it speaks directly to Qubes primary mission goals of security by 
compartmentalization. :D

You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
To post to this group, send email to
To view this discussion on the web visit
For more options, visit

Reply via email to