[guardian-dev] Adafruit’s Onion Pi Tor Proxy Project Creates A Private, Portable Wi-Fi Access Point

Matej Kovacic matej.kovacic at owca.info
Fri Jun 21 03:47:30 EDT 2013


Hi,

> Seems like you would lose a bunch of the anonymity features if you don't
> use the Tor browser.  Just setting up a proxy is not enough.  You want
> to block flash/scripts and close off other info leak points.
It is even worse. Now in EU cookies are "prohibited" (in some countries
you need explicit consent for setting a cookie to user), so some
websites implemented "Panopticlick tracking".

Panopticlick (panopticlick.eff.org) gets unique fingerprint of a user
from the user's browser environment (browser fingerprnt, resolution,
installed fonts, etc.). So they are able to track users WITHOUT cookies.

It is true, that this identification is not so unique as identification
with users (but it is unique for 1:2-3 mio. users), but on the other
site you ar able to identify users who block/delete cookies and also
users using Tor.

A friend of mine runs a big forum and had some problems from some users
posting inappropriate content with fake usernames using Tor.

With panopticlick tracking it was easy to identify them. First user
registers as normal user, but then logouts, and came back with Tor with
other username. But in both cases user has the same panopticlick ID, so
it is easy to identify him/her.

So the only solution is to use different browser for Tor, or even better
- different or dedicated virtual machine for Tor browsing.


Regards, Matej


More information about the Guardian-dev mailing list