[Whoops, dropped tails-dev in my first attempt to answer.] Georg Koppen: > Tails - News: >> This release is an emergency release to fix a critical security vulnerability >> in _Tor Browser_. >> >> It also fixes [other security >> vulnerabilities](https://tails.boum.org/security/Numerous_security_holes_in_3.13.1/). >> You should upgrade as soon as possible. >> >> # Changes >> >> ## Fixed _NoScript_ activation in _Tor Browser_ >> >> Starting from Friday May 3, a problem in _Firefox_ and _Tor Browser_ disabled >> all add-ons. This release reactivates all add-ons in _Tor Browser_, >> especially >> _NoScript_ which is used to: >> >> * Most importantly, protect against a very strong fingerprinting technique >> called _HTML5 canvas fingerprinting_ which can break your anonymity. > > Hm. How does it do that? In particular, what does it do in addition to > the defense we baked into Tor Browser and which is not NoScript > dependent? (see the: "Specific Fingerprinting Defenses in the Tor > Browser", subsection 2. HTML5 Canvas Extraction at > https://2019.www.torproject.org/projects/torbrowser/design/)
There's been a misunderstanding. We were supposed to talk about fingerprinting enabled by the loss of NoScript's WebGL click-to-play, not HTML5 canvas fingerprinting. Cheers! _______________________________________________ Tails-dev mailing list [email protected] https://www.autistici.org/mailman/listinfo/tails-dev To unsubscribe from this list, send an empty email to [email protected].
