Closed
Bug 1383495
Opened 6 years ago
Closed 6 years ago
Spoofing Navigator API platform as Win64 when resisting fingerprinting is enabled
Categories
(Core :: DOM: Security, defect, P3)
RESOLVED
FIXED
mozilla57
People
(Reporter: simon.mainey, Assigned: ethan)
References
(Blocks 1 open bug)
Details
(Whiteboard: [tor][fingerprinting][fp:m3][domsecurity-active])
Attachments
(1 file, 1 obsolete file)
2.34 KB, patch | ethan: review+ | gchang: approval-mozilla-beta+
User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:54.0) Gecko/20100101 Firefox/54.0
Build ID: 20170628075643

Steps to reproduce:
Firefox 56+, enable privacy.resistFingerprinting and test various methods of obtaining platform

Actual results:
Firefox 56+, the spoofed value is 32bit (win32) - see bug 1333651

Expected results:
Starting with 56, Mozilla will start 32-bit to 64-bit
[1] https://wiki.mozilla.org/Firefox/Win64
[2] https://bugzilla.mozilla.org/show_bug.cgi?id=1274659

Keeping an eye on metrics ( https://metrics.mozilla.com/firefox-hardware-report/ ), change the spoofed version to 64bit (win64) including the useragent when 64bit becomes more than 50%

Attention Arthur Edelstein [:arthuredelstein], Tim Huang[:timhuang], Tor Uplift
Updated•6 years ago
Component: Untriaged → DOM: Security
Product: Firefox → Core
Comment 2•6 years ago (Assignee)
(In reply to Simon Mainey from comment #0)
> Expected results:
> Starting with 56, Mozilla will start 32-bit to 64-bit
> Keeping an eye on metrics (
> https://metrics.mozilla.com/firefox-hardware-report/ ), change the spoofed
> version to 64bit (win64) including the useragent when 64bit becomes more
> than 50%

This reason to spoof the value navigator.platform with 64-bit sounds fair to me. Arthur and Tim, what would you think?
Status: UNCONFIRMED → NEW
Ever confirmed: true
Flags: needinfo?(tihuang)
Flags: needinfo?(ettseng)
Flags: needinfo?(arthuredelstein)
Priority: -- → P3
See Also: → 1333651
Whiteboard: [tor][fingerprinting]
Comment 4•6 years ago (Reporter)
I would also say that if you are spoofing the FF version ("rounded to the **nearest** 10" - my emphasis, straight from code comments - see https://reviewboard.mozilla.org/r/147474/diff/4#index_header ), then a FF60 32bit (in reality a FF56) looks ridiculous on the face of it, so I would even say this could land in FF56 - then again a FF60 looks strange as well right now.
Comment 5•6 years ago (Assignee)
Per discussion in a meeting, Arthur agreed to spoof the value as win64 instead of win32.
Flags: needinfo?(arthuredelstein)
Updated•6 years ago (Assignee)
Assignee: nobody → ettseng
Whiteboard: [tor][fingerprinting] → [tor][fingerprinting][fp:m3]
Comment 6•6 years ago (Reporter)
Ethan: would it also be possible to revisit the version number spoofing. Rounding to the nearest 10 will highlight users that have privacy.resistFingerprinting=true when it rounds up and the spoofed value isn't even available - as will happen with 56. (also what happens when it ends in a 5 currently, does this become eg 50 or 60? I am aware this does not land until 56, just posing the question)

Would it not be better to code for
If version ends in 1 to 7, round down
If version ends in 8 or 9, round up
If version ends in zero, do nothing
Comment 7•6 years ago (Reporter)
On second thoughts, that doesn't cover those on Beta or Nightly. I know the idea is to make the subset of users with privacy.resistFingerprinting=true identical, and in this regard we could put anything. But why make this value stand out. Maybe it is better to **always** round DOWN.
Comment 8•6 years ago (Assignee)
(In reply to Simon Mainey from comment #4)
> I would also say that if you are spoofing the FF version ("rounded to the
> **nearest** 10" - my emphasis, straight from code comments - see
> https://reviewboard.mozilla.org/r/147474/diff/4#index_header ), then a FF60
> 32bit (in reality a FF56) looks ridiculous on the face of it, so I would
> even say this could land in FF56 - then again a FF60 looks strange as well
> right now.

Hi Simon,
Thank you for bringing up this issue. The commit message and code comments are not accurate. According to the real code,
http://searchfox.org/mozilla-central/source/netwerk/protocol/http/nsHttpHandler.cpp#463
the spoofed value of Firefox version is always rounded down. On Firefox 57, the spoofed value is "Firefox/50.0". We should only update the code comments in this case. :)
Updated•6 years ago (Assignee)
Blocks: uplift_tor_fingerprinting
Updated•6 years ago
Whiteboard: [tor][fingerprinting][fp:m3] → [tor][fingerprinting][fp:m3][domsecurity-backlog1]
Updated•6 years ago (Assignee)
Whiteboard: [tor][fingerprinting][fp:m3][domsecurity-backlog1] → [tor][fingerprinting][fp:m3][domsecurity-active]
Comment 9•6 years ago (Assignee)
1. Change the spoofed version from "Win32" to "Win64".
2. Correct the code comment about the spoofed version.
Attachment #8895658 - Flags: review?(ehsan)
Comment 10•6 years ago (Assignee)
Hi Ehsan, This is a minor change. Could you please review it?
Flags: needinfo?(ehsan)
Updated•6 years ago (Assignee)
Status: NEW → ASSIGNED
Comment 11•6 years ago
(In reply to Ethan Tseng [:ethan] from comment #10)
> Hi Ehsan,
> This is a minor change. Could you please review it?

Sure. :-) No need to needinfo BTW, setting the review flag is enough.
Flags: needinfo?(ehsan)
Comment 12•6 years ago
Comment on attachment 8895658
Bug 1383495 - Spoof navigator.platform as win64 when resisting fingerprinting is enabled

Review of attachment 8895658:
-----------------------------------------------------------------

Thanks! It would be nice to uplift this into 56 if possible. Do you mind nominating this for beta approval please? It's pretty low risk so I hope the release managers will approve it.
Attachment #8895658 - Flags: review?(ehsan) → review+
Comment 13•6 years ago (Assignee)
(In reply to :Ehsan Akhgari (needinfo please, extremely long backlog) from comment #12)
> Thanks! It would be nice to uplift this into 56 if possible. Do you mind
> nominating this for beta approval please? It's pretty low risk so I hope
> the release managers will approve it.

Sure! I will nominate it after it's landed in central. Thank you, Ehsan.
Comment 14•6 years ago (Reporter)
"The browser version will be rounded down to the multiple of 10"
Sounds a bit weird to me, can we change "the" to "a"
"The browser version will be rounded down to a multiple of 10"
Comment 15•6 years ago (Assignee)
(In reply to Simon Mainey from comment #14)
> "The browser version will be rounded down to the multiple of 10"
> Sounds a bit weird to me, can we change "the" to "a"
> "The browser version will be rounded down to a multiple of 10"

You are right. I'll fix it. Thanks!
Comment 16•6 years ago (Assignee)
1. Update commit message "r=Ehsan".
2. Fix a grammar error based on comment 14.
Attachment #8895658 - Attachment is obsolete: true
Attachment #8896179 - Flags: review+
Comment 17•6 years ago (Assignee)
https://treeherder.mozilla.org/#/jobs?repo=try&revision=785b86858b3657fa5efdf6347b587f0dec4c55af
Updated•6 years ago (Assignee)
Keywords: checkin-needed
Comment 18•6 years ago
Pushed by ryanvm@gmail.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/5451feeb0448
Spoof Navigator API platform as win64 when resisting fingerprinting is enabled. r=ehsan
Keywords: checkin-needed
Comment 19•6 years ago
bugherder
https://hg.mozilla.org/mozilla-central/rev/5451feeb0448
Status: ASSIGNED → RESOLVED
Closed: 6 years ago
status-firefox57: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla57
Updated•6 years ago (Assignee)
Summary: [tor][fingerprinting] Spoofing Navigator API platform as `win64` when resisting fingerprinting is enabled → [tor][fingerprinting] Spoofing Navigator API platform as Win64 when resisting fingerprinting is enabled
Comment 20•6 years ago (Assignee)
Comment on attachment 8896179
Spoofing Navigator API platform as win64 when resisting fingerprinting is enabled

Approval Request Comment
[Feature/Bug causing the regression]: N/A
[User impact if declined]: The spoofed value of platform would not be convincing
[Is this code covered by automated tests?]: Yes
[Has the fix been verified in Nightly?]: Yes
[Needs manual test from QE? If yes, steps to reproduce]: No
[List of other uplifts needed for the feature/fix]: N/A
[Is the change risky?]: No
[Why is the change risky/not risky?]: Only two constant definitions were changed
[String changes made/needed]: N/A

Also, Ehsan suggested to uplift this to Beta. See comment 12.
Attachment #8896179 - Flags: approval-mozilla-beta?
Updated•6 years ago
status-firefox56: --- → affected
Comment 21•6 years ago
Comment on attachment 8896179
Spoofing Navigator API platform as win64 when resisting fingerprinting is enabled

Fix a Spoofing Navigator API platform value. Beta56+. Should be in 56.0b3.
Attachment #8896179 - Flags: approval-mozilla-beta? → approval-mozilla-beta+
Comment 22•6 years ago
bugherder uplift
https://hg.mozilla.org/releases/mozilla-beta/rev/428d62670f7e
Flags: in-testsuite+
Updated•6 years ago (Assignee)
Summary: [tor][fingerprinting] Spoofing Navigator API platform as Win64 when resisting fingerprinting is enabled → Spoofing Navigator API platform as Win64 when resisting fingerprinting is enabled
Comment 23•6 years ago
OSCPU should also be changed to 'Windows NT 6.1; Win64; x64', see http://browserspy.dk/showprop.php?navigator with and w/o resistFingerprinting on a Windows 7 x64 with Firefox x64
Flags: needinfo?(ettseng)
Comment 24•6 years ago (Assignee)
(In reply to Anna from comment #23)
> OSCPU should also be changed to 'Windows NT 6.1; Win64; x64', see
> http://browserspy.dk/showprop.php?navigator with and w/o
> resistFingerprinting on a Windows 7 x64 with Firefox x64

You are right. Thanks for pointing this out. I will file a bug to change this.
Flags: needinfo?(ettseng)
Comment 25•6 years ago (Assignee)
Reference for Navigator.oscpu:
https://developer.mozilla.org/en-US/docs/Web/API/Navigator/oscpu
http://docs.w3cub.com/dom/navigator/oscpu/
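
An added example, not part of the bug thread and not Firefox code: a JavaScript check that a spoofed identity is internally coherent, i.e. that navigator.platform, navigator.oscpu and the User-Agent claim the same bitness (the gap raised in comment 23) and that the version is rounded down to a multiple of 10 (comment 8). The function names and the sample profiles are assumptions constructed for illustration.

```javascript
// Added example; function names and sample profiles are constructed,
// not taken from Firefox.

// Comment 8: the spoofed version is always rounded down to a multiple of 10.
function spoofedVersion(realMajor) {
  return realMajor - (realMajor % 10);
}

// Bitness a Windows identity string claims: "Win64"/"x64" tokens mean 64,
// any other Windows string (e.g. "Win32", "Windows NT 6.1") means 32.
// Non-Windows or missing values return null and are ignored.
function claimedBits(value) {
  if (typeof value !== "string" || !/Win/i.test(value)) return null;
  return /\b(Win64|x64)\b/i.test(value) ? 64 : 32;
}

// Report inconsistencies in a navigator-like object.
function checkProfile(nav) {
  const problems = [];
  const claims = {
    platform: claimedBits(nav.platform),
    oscpu: claimedBits(nav.oscpu),
    userAgent: claimedBits(nav.userAgent),
  };
  const seen = new Set(Object.values(claims).filter((b) => b !== null));
  if (seen.size > 1) {
    problems.push("bitness mismatch: " + JSON.stringify(claims));
  }
  const m = /Firefox\/(\d+)/.exec(nav.userAgent || "");
  if (m && Number(m[1]) !== spoofedVersion(Number(m[1]))) {
    problems.push("version " + m[1] + " is not a multiple of 10");
  }
  return problems;
}

// Constructed profiles (not captured from a real browser).
const UA64 =
  "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:50.0) Gecko/20100101 Firefox/50.0";
const coherent = { platform: "Win64", oscpu: "Windows NT 6.1; Win64; x64", userAgent: UA64 };
const mixed = { platform: "Win64", oscpu: "Windows NT 6.1", userAgent: UA64 };

console.log(checkProfile(coherent));
console.log(checkProfile(mixed));
```

In a browser console, `checkProfile(navigator)` runs the same check against the live values with privacy.resistFingerprinting on and off.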