commit 4c67df8cca70c69615ee42ec3119806198112203
Author: hiro <[email protected]>
Date: Wed Feb 27 17:01:50 2019 +0100
Update tracking
---
patterns/tracking-protection.md | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/patterns/tracking-protection.md b/patterns/tracking-protection.md
index 77b357a..45938b3 100644
--- a/patterns/tracking-protection.md
+++ b/patterns/tracking-protection.md
@@ -8,9 +8,18 @@ Categories:
*Avoid the tracking of visitors of websites.*
-## Threat model ##
+Websites collect an incredible amount of information about their visitors via
attributes of the browser. This information is shared with third parties and
saved in logs. This information can also be involuntarily leaked when accessed
by malicious actors or used by advertising and tracking network across the web
to reduce the anonymity set or identify individual users.
+
+Individual users are tracked via a technique known as *fingerprinting*.
Fingerprinting means accessing device features and behaviors in order to
differentiate one user from another. In this case the attacker uses any
information that is provided automatically by the browser or implements
mechanism involving some specific browser interactions, using JavaScript or
cookie-like identifier storage, just to name a few example.
+There are also some more advanced fingerprinting techniques trying to capture
users' behaviors.
+
+## Threat model ##
+- An attacker wants to access user configuration details (i.e. language
settings)
+- An attacker wants to access information about device and hardware
characteristics
+- An attacker wants to access information about the operating system and
version
+- An attacker wants to profile user behaviors by recording their in-site or
across-site (network) activity
## User story ##
_______________________________________________
tor-commits mailing list
[email protected]
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
