Open Bug 755284 Opened 10 years ago Updated 3 years ago

Fingerprintable information in update behavior


(Toolkit :: Application Update, defect, P3)






(Reporter: c142592, Unassigned)


(Blocks 1 open bug)


(Keywords: privacy, Whiteboard: [fingerprinting][fp-triaged][tor 6217])

If update checks are enabled, Firefox seems to perform them at exactly the interval specified in the app.update.interval preference. (Tested with a 120-second interval and leaving the browser running.) This leads to a minor potential way of fingerprinting users on anonymizing networks like Tor because output relays can observe an update check occurring at a precise second corresponding to a particular user.

I realize this is a minor issue and difficult to exploit, but the solution is also appropriately minor. I assume it will be enough to simply randomize the scheduled time of the next update (or the time stored in the lastUpdateTime settings, whichever) by up to 5% of the update interval. This fix will still preserve the user-set meaning of the app.update.interval setting, on average.

Interesting find. Yeah, throwing some randomness into the update interval seems like it should be simple and effective. Although I'm curious how effective tracking would be as-is... The browser itself will have some slop (ms?) in the timer firing, and I assume onion-routing adds lots of random latency (intentional or not).

Should probably look at other things which update/ping in the background too, since they probably have the same issue. Maybe creating a TYPE_REPEATING_SLOPPY timer would be useful... :)
Component: General → Application Update
Keywords: privacy
Product: Firefox → Toolkit
QA Contact: general → application.update
Whiteboard: [fingerprinting]
Priority: -- → P5
Whiteboard: [fingerprinting] → [fingerprinting][fp-triaged]
Whiteboard: [fingerprinting][fp-triaged] → [fingerprinting]
Priority: P5 → P3
Whiteboard: [fingerprinting] → [fingerprinting][fp-triaged]
Whiteboard: [fingerprinting][fp-triaged] → [fingerprinting][fp-triaged][tor 6217]
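
The mitigation discussed in this bug, sketched as an added example (not Firefox code and not part of the original report or comments): each delay is drawn uniformly within ±5% of the interval, so the average stays at the configured value while check times stop landing on a fixed grid. The function names, the symmetric ±5% reading of "up to 5%", and the use of the report's 120-second test interval are assumptions made for illustration.

```javascript
// Added example: jittered scheduling for a periodic update check.
// All function names here are hypothetical, not Firefox APIs.

// Delay until the next check: the configured interval plus a uniform offset
// in [-jitter, +jitter] * interval, so the expected delay is intervalSec.
function nextDelay(intervalSec, jitter = 0.05, rng = Math.random) {
  if (!(intervalSec > 0)) throw new RangeError("interval must be positive");
  if (!(jitter >= 0 && jitter < 1)) throw new RangeError("jitter must be in [0, 1)");
  const offset = (2 * rng() - 1) * jitter; // uniform in [-jitter, +jitter)
  return intervalSec * (1 + offset);
}

// Fire times (seconds since start) of `count` consecutive checks. Each delay
// is measured from the previous check, so the jitter accumulates over time.
function simulateChecks(count, intervalSec, jitter, rng = Math.random) {
  const times = [];
  let t = 0;
  for (let i = 0; i < count; i++) {
    t += nextDelay(intervalSec, jitter, rng);
    times.push(t);
  }
  return times;
}

// Gaps between consecutive checks, which is what an observer can measure.
function gaps(times) {
  return times.map((t, i) => t - (i === 0 ? 0 : times[i - 1]));
}

// Largest distance of any check from the exact k * interval grid.
// Zero means every check is predictable to the second.
function maxDrift(times, intervalSec) {
  return Math.max(...times.map((t, i) => Math.abs(t - (i + 1) * intervalSec)));
}

// Constructed comparison using the 120 s interval tested in the report.
function compare(count = 1000, intervalSec = 120) {
  const fixed = simulateChecks(count, intervalSec, 0);
  const jittered = simulateChecks(count, intervalSec, 0.05);
  const mean = jittered[count - 1] / count;
  return {
    fixedDrift: maxDrift(fixed, intervalSec),       // 0: exact grid
    jitteredDrift: maxDrift(jittered, intervalSec), // grows as jitter accumulates
    jitteredMeanGap: mean,                          // stays close to intervalSec
  };
}
```
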