Tor users can be tracked by mouse movements and processor benchmark

    Jose Carlos Norte, an independent researcher in information security, has identified a couple of new methods for deanonymizing Tor users. Methods involve identifying a “unique fingerprint” of the user using JavaScript, by which it can be tracked.

    image

    Creating a unique behavioral fingerprint is dangerous for Tor users, because the data obtained when working in Tor can be compared with the data obtained when working with a normal browser. This will not always allow us to determine the user with absolute accuracy, but it will give a start for the investigation.

    Although Roskomnadzor claimsthat the use of site blocking bypass tools is not against the law, behavioral technologies will help you find the right person - including in the reverse order: in Tor - from a normal browser.

    One of the vulnerabilities, writes Jose Carlos Norte , is the speed of interaction with the mouse wheel. It depends on the configuration of the operating system and on the hardware. Check how the result looks at this link . The next item is the speed of the mouse itself. Using JavaScript, you can measure it while the user is sitting in the browser.

    Again, using JavaScript, you can measure the characteristics of the user's CPU - record the time required to complete the task, and then use this information as a label of the suspect's computer. The Tor browser includes protection against such scenarios by restricting the Date.getTime () JavaScript function, but there are ways around this limitation.

    Norte described the use of another method, Element.getBoundingClientRect (), which returns a text rectangle object that includes a group of text rectangles. The return value is a TextRectangle object that contains the properties for reading left, top, right, and bottom, which describe the box with borders in the pixel dimension. Here's what the result looks like in the Tor browser from two different computers. The difference is obvious, and it can also be used to detect users.

    image

    image

    Norte’s research has shown how easily Tor’s unique fingerprints can be identified to track their online activity and correlate with visits to various pages.

    Also popular now: