Security/Fusion/Dashboard/Fingerprinting

From MozillaWiki
Jump to navigation Jump to search

Bug Tracking

Anti-fingerprinting MVP bugs are tracked under the meta bug:
bug 1329996 - [META] Tor Uplift: Fingerprinting Resistance

The MVP is defined as the fingerprinting protection which is needed or would be used by Tor Browser. For general fingerprinting issues but not necessary to fix in Tor, we use the Whiteboard keyword "[fingerprinting]" to specify them.

There are breakages caused by the fingerprinting resistance feature. They are tracked by another meta bug:
bug 1507517 - [META] Breakage from Fingerprinting Resistance

Whiteboard Definition

  • [fingerprinting]: Fingerprinting bugs
  • [fp-triaged]: Already triaged.
    • Priority must be set.
    • P1/P2 must have an assignee.

Fingerprinting Bugs

Open P1 Bugs (We are actively working on them)

No results.

0 Total; 0 Open (0%); 0 Resolved (0%); 0 Verified (0%);


Open P2 Bugs (Important. We will work on them ASAP)

Full Query
ID Summary Priority Status Assigned to Whiteboard
1041818 take steps to mitigate canvas fingerprinting P2 NEW [fingerprinting][tor][fp-triaged]
1397996 scrollbar thickness reveals platform P2 NEW [tor][fingerprinting][fp-triaged][tor 22137]
1485249 WebGL extensions should be disabled when private.resistFingerprinting is enabled P2 NEW [tor 6370][gfx-noted][fingerprinting][fp-triaged]
1948457 Window rounding fingerprinting protection no longer works with vertical tabs enabled, all windows created maximized P2 NEW [fidefe-sidebar]

4 Total; 4 Open (100%); 0 Resolved (0%); 0 Verified (0%);


P3-P5 Bugs (Backlog)

Full Query
ID Summary Priority Status Assigned to Whiteboard
1315203 XSHM: Cross Site History Manipulation (information leakage) P3 NEW [fingerprinting][fp-triaged]
1330882 When privacy.resistFingerprinting = true, set new windows to rounded dimensions [tor 19459] P3 REOPENED [fingerprinting][tor][fp-triaged]
1401493 Perform Fingerprint Comparison of Tor Browser and Firefox P3 NEW [tor][fingerprinting][fp-triaged]
1409974 KeyboardEvent.location could be used as a user behavior fingerprinting vector. P3 NEW [fingerprinting][fp-triaged]
1414311 New window size is different than expected after changing screen dpi (with privacy.resistFingerprinting pref enabled) P3 NEW [fingerprinting][fp-triaged][tor 30970]
1422482 OS username disclosure using downloads manager P3 NEW [fingerprinting][tor]
1422890 Add additional Canvas Fingerprinting Tests P3 NEW [fingerprinting][gfx-noted][fp-triaged]
1439784 Fix the KeyboardEvent mochitests P3 NEW [tor][fingerprinting][fp-triaged]
1450401 mozFullScreen leaks exact screen resolution P3 NEW [fingerprinting][fp-triaged]
1472808 For privacy.resistFingerprinting, spoof Keyboard Layout according to content locale P3 NEW [tor][fingerprinting][fp-triaged]
1485258 When privacy.spoof_english is true, don't reveal locale by charset fallback P3 NEW [tor 20025][fingerprinting][fp-triaged]
1490728 Improve discoverability/explanation of RFP P3 NEW [tor][fingerprinting][domsecurity-backlog1][fp-triaged]
1507879 Investigate getClientRects for fingerprinting P3 NEW [tor 29564][fingerprinting][fp-triaged]
1542676 Round subpixel accuracy of window properties to integers when resistfingerprinting is enabled P3 NEW [tor 26607][fingerprinting]
1672093 css @media RFP + window/screen subpixel entropy P3 REOPENED
1677733 Bookmarks toolbar for new tabs changes screen resolution for new window when privacy.resistFingerprinting is turned on P3 NEW [sng]
1876810 With privacy.resistFingerprinting, "☑ Remember this decision" forgetting which camera and microphone was shared is confusing P3 NEW
1947439 RFP new window size is off because of roundings on partial values P3 NEW
1954170 PreXULSkeletonUI doesn't trigger RoundWindowSize RFP Target P3 NEW
1314443 Audit the existing disable WebRTC preferences and ensure they work as advertised P3 ASSIGNED Tom Ritter [:tjr] (OOTO until April) [tor][fingerprinting][tor-mobile][fp-triaged]
1448046 Can we remove the window.Components shim? P3 REOPENED Tom Ritter [:tjr] (OOTO until April)
572650 [meta] Reduce the amount of data and entropy sent out in HTTP requests P5 NEW [fingerprinting][necko-would-take][fp-triaged]
1403747 When privacy.resistFingerprinting is true, warn users not to maximize their window P5 NEW [tor][fingerprinting][fp-triaged]
1914839 Port resist fingerprinting logic from MediaCapabilities decode side to the encode side -- ASSIGNED Fatih Kilic [:fkilic]
1823580 Act as though intl.regional_prefs.use_os_locales is false when RFP is enabled -- NEW [domsecurity-backlog]
1909736 RFP: hide textDecoration's underline computedStyle on links -- NEW
1998698 RFP: orientation spoofs and iframes -- NEW
2005506 RFP: check android pointer/hover protections -- NEW
1746668 Use web exposed locales instead of regional locales where appropriate -- ASSIGNED Pier Angelo Vendrame

29 Total; 29 Open (100%); 0 Resolved (0%); 0 Verified (0%);


Closed Bugs

Bugzilla query error

Array ( [type] => error [message] => http-bad-status [params] => Array ( [0] => 502 [1] => Bad Gateway ) ) 1

Retrieved from "https://wiki.mozilla.org/index.php?title=Security/Fusion/Dashboard/Fingerprinting&oldid=1204006"