Re: [qubes-users] Supercookies / Zombie cookies / Web Tracking — how effective are Qubes security domains against this

2017-09-19 Thread Leo Gaspard
On 09/19/2017 02:23 PM, taii...@gmx.com wrote:> It is impossible to have storage communication between VM's, that would > be a separate security issue. > On timing attacks or w/e - you may be able to avoid cross communication > by putting every AppVM on a separate core of a many core CPU such as

Re: [qubes-users] Supercookies / Zombie cookies / Web Tracking — how effective are Qubes security domains against this

2017-09-19 Thread taii...@gmx.com
Well considering the OP is using gmail I think that this is the least of his worries. If the browsers in two AppVM's are exactly the same then you can easily correlate them which is the whole point of browser fingerprinting, they will appear exactly the same to an observer. It is impossible

Re: [qubes-users] Supercookies / Zombie cookies / Web Tracking — how effective are Qubes security domains against this

2017-09-19 Thread rysiek
Dnia Monday, September 18, 2017 8:23:46 PM CEST Ted Brenner pisze: > Not sure if Chromium is free of Google or not. Me neither, but this does not build confidence: https://bugs.chromium.org/p/chromium/issues/detail?id=500922 https://news.ycombinator.com/item?id=9724409 They fixed it soon after

Re: [qubes-users] Supercookies / Zombie cookies / Web Tracking — how effective are Qubes security domains against this

2017-09-18 Thread Ted Brenner
I thought I read somewhere that VMs make it harder to fingerprint using the CPU, graphics card, etc. Did anyone else read that? That would be a feather in Qubes's hat if true. Any suggestions for a good anonymizing browser (besides the Tor browser of course)? I would assume Firefox would have the

Re: [qubes-users] Supercookies / Zombie cookies / Web Tracking — how effective are Qubes security domains against this

2017-09-18 Thread jesset
Roger that, thank you Leo so it sounds as though Qubes ought to be up to snuff for all contemporary ad instustry practices that Google, Facebook, Doubleclick etc are liable to try but that Qubes + anonymizing browser is a better bet against more sophisticated tracking in case that were a

Re: [qubes-users] Supercookies / Zombie cookies / Web Tracking — how effective are Qubes security domains against this

2017-09-18 Thread Leo Gaspard
On 09/18/2017 09:27 PM, jes...@gmail.com wrote: > Thank you Micah and Michał, but I am not actually asking about a standard as > strong as 100% bulletproof anonymity or anything. I really am just concerned > about whether any of the methods on that list that I linked to would be > enough to

Re: [qubes-users] Supercookies / Zombie cookies / Web Tracking — how effective are Qubes security domains against this

2017-09-18 Thread rysiek
Hey, Dnia Monday, September 18, 2017 12:27:21 PM CEST jes...@gmail.com pisze: > My only concern is working to ensure that to an outside observer such as > webservers and ad networks nothing short of the shared IP address (and via > Tor or VPN or different IPs honestly allocated to different

Re: [qubes-users] Supercookies / Zombie cookies / Web Tracking — how effective are Qubes security domains against this

2017-09-18 Thread jesset
Thank you Micah and Michał, but I am not actually asking about a standard as strong as 100% bulletproof anonymity or anything. I really am just concerned about whether any of the methods on that list that I linked to would be enough to leak cookie-like reference data between two separate Qubes

Re: [qubes-users] Supercookies / Zombie cookies / Web Tracking — how effective are Qubes security domains against this

2017-09-18 Thread rysiek
Dnia Monday, September 18, 2017 10:56:33 AM CEST Micah Lee pisze: > Qubes security domains don't necessarily help solve this problem because > really the problem is how your web browsers are configured. > > So a tracking company can't link your browsing activity between Qubes > domains -- your

Re: [qubes-users] Supercookies / Zombie cookies / Web Tracking — how effective are Qubes security domains against this

2017-09-18 Thread rysiek
Hey, Dnia Monday, September 18, 2017 9:43:15 AM CEST jes...@gmail.com pisze: > In the past I have used a Firefox plugin called "Better Privacy" to try to > push back against multi-front user fingerprinting and analysis mechanisms > such as the kind used by large advertising and user demographics

Re: [qubes-users] Supercookies / Zombie cookies / Web Tracking — how effective are Qubes security domains against this

2017-09-18 Thread Micah Lee
Qubes security domains don't necessarily help solve this problem because really the problem is how your web browsers are configured. So a tracking company can't link your browsing activity between Qubes domains -- your "personal" traffic and "work" traffic might look like two separate people --

[qubes-users] Supercookies / Zombie cookies / Web Tracking — how effective are Qubes security domains against this

2017-09-18 Thread jesset
In the past I have used a Firefox plugin called "Better Privacy" to try to push back against multi-front user fingerprinting and analysis mechanisms such as the kind used by large advertising and user demographics companies which include the abuse of Flash LSOs, HTML5 local storage,