[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tor-talk] Profiling Tor users via keystrokes



win10 analyses keystrokes by default:

"Windows 10 generates advertising-IDs for everyone. The informations
Win10 transmitts by default are (among other things):

- location of device
- browser history
- favorites
- which Aaps are installed from the windows store
- and data for input-personification. this includes biometrical data of
pronunciation (cortana), writing style (handwirting) and how the user
types on windows devices."

but you can opt-out for many options.

( quick translation from my side, original news article is in german:
http://www.heise.de/newsticker/meldung/Windows-10-Neue-Datenschutzbestimmungen-Windows-wird-zur-Datensammelstelle-2765536.html
)

On 31.07.2015 10:10, spencerone@openmailbox.org wrote:
> Hi,
> 
>>>
>>> flapflap:
>>> http://arstechnica.com/security/2015/07/how-the-way-you-type-can-shatter-anonymity-even-on-tor/
>>>
>>> says that apparently it's possible to deanonymise Tor users by analysing
>>> their keystrokes in input fields of websites.
>>>
>>> Is there need for modifications in the Tor Browser Bundle/upstream
>>> Firefox?
>>>
>>
>> grarpamp:
>> A keystroke reclocker / normalizer might be better integrated
>> as part of the keyboard driver in your OS. You'd only need to
>> code it once, and could tune it to suit you however you want.
>> Try checking with your OS.
>>
> 
> Keystroke spoofing would only circumvent interception attacks, right? 
> It seems destination-based form/packet-grabbing could still profile people.
> 
> Is there a public keylogger that reveals what it sees so people can case
> test?  TorMirror?
> 
> Wordlife,
> Spencer
> 
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk