Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 15 submissions in the queue.

Tor Browser Bundle 8.0 Sends OS+kernel+TOTAL_PING_COUNT in Update Queries to Mozilla

posted by martyb on Wednesday September 26 2018, @12:29AM   Printer-friendly
from the Checking-in-on-checking-in dept.

An Anonymous Coward writes:

Tor Browser Bundle 8.0 (TBB) sends OS+kernel+TOTAL_PING_COUNT in update queries to Mozilla

- Tails 3.9, which ships with TBB 8.0, is also affected.

User report:[1]
https://blog.torproject.org/comment/277375#comment-277375

Sanitize the add-on blocklist update URL
https://trac.torproject.org/projects/tor/ticket/16931

related, old, closed ticket (unresolved):

TBB-Firefox sends OS+kernel in update queries to Mozilla
https://trac.torproject.org/projects/tor/ticket/6734

[1]: "TBB-Firefox sends Linux kernel version in extensions blocklist update queries to Mozilla. 6 years old ticket closed https://trac.torproject.org/projects/tor/ticket/6734 without fix this privacy issue.

From Ubuntu 18.04.1 LiveCD
/v1/blocklist/3/%7Bec8030f7-c20a-464f-9b0e-13a3a9e97384%7D/60.2.0/Firefox/20180204030101/Linux_x86_64-gcc3/en-US/release/Linux 4.15.0-29-generic (GTK 3.22.30 libpulse 11.1.0)/default/default/1/1/new/"

"about:config
extensions.blocklist.url"

"Also it send TOTAL_PING_COUNT to tell mozilla how many days you use TBB."

Original Submission

 
This discussion has been archived. No new comments can be posted.
Tor Browser Bundle 8.0 Sends OS+kernel+TOTAL_PING_COUNT in Update Queries to Mozilla | Log In/Create an Account | Top | 36 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2, Insightful) by Anonymous Coward on Wednesday September 26 2018, @01:20AM (6 children)

    by Anonymous Coward on Wednesday September 26 2018, @01:20AM (#739976)

    You'd think TBB developers would be the kind of people with an eye for this sort of thing.

    How did this make it to end users? I really don't get it. Are most people in the world just half sentient?

    Starting Score:    0  points
    Moderation   +2  
       Insightful=1, Interesting=1, Total=2
    Extra 'Insightful' Modifier   0  
    Total Score:   2  

  • (Score: 0) by Anonymous Coward on Wednesday September 26 2018, @01:29AM

    by Anonymous Coward on Wednesday September 26 2018, @01:29AM (#739982)

    Not enough Low Quality Assurance, that's the problem. Tor Project should contract Soggy Quality to do all their testing and quality audits. Michael David Crawford has an army of soggy teenage girls fresh out of the showers and eager to get to work finding issues just like this one.

  • (Score: 1, Funny) by Anonymous Coward on Wednesday September 26 2018, @02:04AM

    by Anonymous Coward on Wednesday September 26 2018, @02:04AM (#740007)

    Somehow Mozilla not being ran by autists wasn't a giant red flag.

  • (Score: 2) by jasassin on Wednesday September 26 2018, @03:19AM (2 children)

    by jasassin (3566) <jasassin@gmail.com> on Wednesday September 26 2018, @03:19AM (#740019) Homepage Journal

    You'd think TBB developers would be the kind of people with an eye for this sort of thing.

    The thing that bothers me is that it was reported and noone appears to give a shit. This isn't like fixing some insdeous bug, it's hacking one line of code. I'm baffled.

    I'd fix it but my addition of a // in the beginning of a line might confuse and anger them.

    --
    jasassin@gmail.com GPG Key ID: 0xE6462C68A9A3DB5A

  • (Score: 2) by takyon on Wednesday September 26 2018, @03:47AM

    by takyon (881) <takyonNO@SPAMsoylentnews.org> on Wednesday September 26 2018, @03:47AM (#740023) Journal

    We've repeatedly heard about Firefox integrating Tor into the main browser [soylentnews.org]. If you think things are bad now...

    --
    [SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]