Dnia Monday, September 18, 2017 9:43:15 AM CEST jes...@gmail.com pisze:
> In the past I have used a Firefox plugin called "Better Privacy" to try to
> push back against multi-front user fingerprinting and analysis mechanisms
> such as the kind used by large advertising and user demographics companies
> which include the abuse of Flash LSOs, HTML5 local storage, Silverlight, et
> al to confirm that the same user is browsing along a website or a
> distributed ad network even when they "clear private data" or use incognito
> mode, even when they switch to different browsers installed on the same
> machine, even if they're using coffee shop wifi or VPNs so that they appear
> from different IP addresses, etc.
> (...)

O..k. Straight from the bat, why not Incognito/Private window?

I mean, on my non-Qubes system I have a "work" browser (a normal Firefox 
window, keeping sessions, accepting cookies, etc); and a "fun" browser 
(Chromium Incognito) for everything that I am concerned might track me.

On Qubes, the disposable VM is probably what you're after. But remember, even 
in an incognito window or in a disposable VM, you can be tracked as long as 
the session lasts (i.e. until you close the browser, or reboot the VM).

> So I am curious to what extent Qubes security domains may be sufficiently
> complete as to defeat potentially all of these mechanisms simultaneously?
> Especially if end-user configures one or more domains to pipe all network
> traffic over a VPN or tor to additionally differentiate their IP address?

Most of these mechanisms are browser-bound. Use the browser in your disposable 
VM. Using it through a VPN or Tor is a good idea too.

> I am especially interested to hear about how Qubes security domains interact
> with Flash LSOs, and .. whatever-it-is that Silverlight and other
> multi-browser plugins do, and whether *that* data leaks between domains. :/

Think of each AppVM as a separate machine yoiu're running stuff on. Flash/
Silverlight/etc do not have a way to break out of a VM.

> Thank you for any insight you guys may have on this matter, as it sounds
> like it speaks directly to Qubes primary mission goals of security by
> compartmentalization. :D

Compartmentalization does not do much for anonymity. As in, you can use Qubes, 
and be tracked through each of your AppVMs. You'll have three "identities", 
but all of them will be tracked, since regular AppVMs keep state (including 
browser cookies, etc, unles sthe browser is explicitly configured otherwise).

To combat tracking, I would use the Incognito/Private mode in your browser, or 
a browser in a disposable VM in Qubes. Or both.

Michał "rysiek" Woźniak

Zmieniam klucz GPG :: http://rys.io/pl/147
GPG Key Transition :: http://rys.io/en/147

You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
For more options, visit https://groups.google.com/d/optout.

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply via email to