Closed
Bug 1382499
Opened 7 years ago
Closed 7 years ago
Touch API leaks absolute screen coordinates
Categories
(Core :: DOM: Events, enhancement, P3)
Core
DOM: Events
Tracking
()
RESOLVED
FIXED
mozilla57
Tracking | Status | |
---|---|---|
firefox57 | --- | fixed |
People
(Reporter: arthur, Assigned: cfu)
References
(Blocks 1 open bug)
Details
(Whiteboard: [tor 10286][fingerprinting][fp:m3])
Attachments
(3 files)
In Tor Browser we currently disable the Touch API, but we also have defense-in-depth patches to prevent absolute screen coordinates from being leaked to scripts. Here are the current patches: https://torpat.ch/10286 We would like to propose uplifting these patches.
Updated•7 years ago
|
Priority: -- → P3
Updated•7 years ago
|
Whiteboard: [tor 10286] → [tor 10286][fingerprinting][fp:m3]
Assignee | ||
Updated•7 years ago
|
Assignee: nobody → cfu
Comment hidden (mozreview-request) |
Assignee | ||
Updated•7 years ago
|
Attachment #8891935 -
Flags: review?(bzbarsky)
Attachment #8891935 -
Flags: review?(arthuredelstein)
Assignee | ||
Comment 2•7 years ago
|
||
According to the Tor patch, I modified RadiusX, RadiusY, RotationAngle, Force, and the webidl with the same implementation as ScreenX, ScreenY. However, they are not only accessed through webidl so there is not always a caller type. For equality test, - mozilla::dom::Touch::Equals http://searchfox.org/mozilla-central/source/dom/events/Touch.cpp#187-190 I compare the members directly. For other accesses, - DispatchPointerFromMouseOrTouch http://searchfox.org/mozilla-central/source/layout/base/PresShell.cpp#7101-7102 - mozilla::MultiTouchInput::MultiTouchInput http://searchfox.org/mozilla-central/source/widget/InputData.cpp#133-136 I just pass CallerType::System. Will this cause any problem?
Comment 3•7 years ago
|
||
mozreview-review |
Comment on attachment 8891935 [details] Bug 1382499 - Enhance fingerprinting resistance for Touch API https://reviewboard.mozilla.org/r/162970/#review168354 ::: dom/events/Touch.cpp:167 (Diff revision 1) > > +int32_t > +Touch::RadiusX(CallerType aCallerType) const > +{ > + if (nsContentUtils::ResistFingerprinting(aCallerType)) { > + return 1; Why 1 and not 0? The spec seems to call out 0 as the "not known" value... Someone familiar with the touch API should probably review this value.
Attachment #8891935 -
Flags: review?(bzbarsky) → review+
Assignee | ||
Comment 4•7 years ago
|
||
We need your expertise to help us clarify if it is proper to use the value 1 for radiusX/radiusY in order to resist fingerprinting. Thank you very much.
Flags: needinfo?(bugs)
Comment 5•7 years ago
|
||
0 should be used when radius isn't known. https://w3c.github.io/touch-events/#dom-touch-radiusx
Flags: needinfo?(bugs)
Comment hidden (mozreview-request) |
Comment hidden (mozreview-request) |
Comment hidden (mozreview-request) |
Assignee | ||
Updated•7 years ago
|
Attachment #8893269 -
Flags: review?(bugs)
Attachment #8893270 -
Flags: review?(arthuredelstein)
Assignee | ||
Comment 9•7 years ago
|
||
Arthur also agrees with that it is more reasonable to spoof radiusX/radiusY with 0, so I updated the patch and changed the return values. The test is ready as well. Please note that in the original Tor patch, it compares touch.radiusX/radiusY to touchParams.rx/ry when privacy.resistFingerprinting = false. In my local test, however, I always get different values. For example, we have rx = 2 and ry = 3 in touchParams but in the Touch object, the values are radiusX = 4 and radiusY = 6. It seems that AppUnitsPerDevPixel leads to this result. So I guess it is machine-dependent and modified the test so that it only checks if radiusX and radiusY are correctly spoofed when privacy.resistFingerprinting = true.
Comment 10•7 years ago
|
||
mozreview-review |
Comment on attachment 8893269 [details] Bug 1382499 - Fix typo in testing/mochitest/tests/SimpleTest/EventUtils.js https://reviewboard.mozilla.org/r/164312/#review169898
Attachment #8893269 -
Flags: review?(bugs) → review+
Reporter | ||
Comment 11•7 years ago
|
||
mozreview-review |
Comment on attachment 8891935 [details] Bug 1382499 - Enhance fingerprinting resistance for Touch API https://reviewboard.mozilla.org/r/162970/#review171930
Attachment #8891935 -
Flags: review?(arthuredelstein) → review+
Reporter | ||
Comment 12•7 years ago
|
||
mozreview-review |
Comment on attachment 8893270 [details] Bug 1382499 - Add test cases https://reviewboard.mozilla.org/r/164314/#review171934
Attachment #8893270 -
Flags: review?(arthuredelstein) → review+
Assignee | ||
Updated•7 years ago
|
Attachment #8893270 -
Flags: review?(bugs)
Comment 13•7 years ago
|
||
mozreview-review |
Comment on attachment 8893270 [details] Bug 1382499 - Add test cases https://reviewboard.mozilla.org/r/164314/#review172240
Attachment #8893270 -
Flags: review?(bugs) → review+
Assignee | ||
Updated•7 years ago
|
Keywords: checkin-needed
Comment 14•7 years ago
|
||
Pushed by ryanvm@gmail.com: https://hg.mozilla.org/integration/autoland/rev/1dcdc22d4919 Enhance fingerprinting resistance for Touch API r=arthuredelstein,bz https://hg.mozilla.org/integration/autoland/rev/c25b50b0edc5 Fix typo in testing/mochitest/tests/SimpleTest/EventUtils.js r=smaug https://hg.mozilla.org/integration/autoland/rev/0ebb9924affa Add test cases r=arthuredelstein,smaug
Keywords: checkin-needed
Backed out for eslint failures like https://treeherder.mozilla.org/logviewer.html#?job_id=122635957&repo=autoland https://hg.mozilla.org/integration/autoland/rev/c4965deefa3b5946753796c10388ff2b48242c4b
Flags: needinfo?(cfu)
Comment hidden (mozreview-request) |
Assignee | ||
Updated•7 years ago
|
Flags: needinfo?(cfu)
Keywords: checkin-needed
Comment 17•7 years ago
|
||
Pushed by ryanvm@gmail.com: https://hg.mozilla.org/integration/autoland/rev/0175751964b5 Enhance fingerprinting resistance for Touch API r=arthuredelstein,bz https://hg.mozilla.org/integration/autoland/rev/927e576d7971 Fix typo in testing/mochitest/tests/SimpleTest/EventUtils.js r=smaug https://hg.mozilla.org/integration/autoland/rev/79d10d864775 Add test cases r=arthuredelstein,smaug
Keywords: checkin-needed
Comment 18•7 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/0175751964b5 https://hg.mozilla.org/mozilla-central/rev/927e576d7971 https://hg.mozilla.org/mozilla-central/rev/79d10d864775
Status: NEW → RESOLVED
Closed: 7 years ago
status-firefox57:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla57
You need to log in
before you can comment on or make changes to this bug.
Description
•