[wp-trac] [WordPress Trac] #32138: WordPress 4.2 : Tor Browser’s and Canvas privacy warning prompt
WordPress Trac
noreply at wordpress.org
Sun Apr 26 11:47:57 UTC 2015
#32138: WordPress 4.2 : Tor Browser’s and Canvas privacy warning prompt
-------------------------+-----------------------------
Reporter: bluetouff | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Formatting | Version: 4.2
Severity: normal | Keywords:
Focuses: |
-------------------------+-----------------------------
The Tor Browser is known to be used by activists, journalists, and people
who need a high level of privacy while they’re surfing.
Every possible way to track people on the Internet is a serious concern for
the Tor developers because anonymization does not support approximation,
and this leads them to take decisions that could seem « over-paranoid » to
other developer communities.
In previous WordPress versions (prior to 4.2) Gravatar was already known
to be detected as a tracker by some tools like Ghostery. But with gravatars
disabled, only logged-in users get the warning due to the admin bar.
The 4.2 update to wp-includes/formatting.php introduced a new way to check
if emoji are enabled or not, injecting in wp-head an emoji detection script
using canvas.
This new addition, even with emoji disabled, and logged off, leads the Tor
Browser to print a warning message
[[Image(https://reflets.info/wp-content/uploads/2015/04/Tor-Warning.png)]]
WordPress owners running a website with high privacy concerns cannot let
the highly trustable Tor Browser give an alert prompt to each reader
about a possible privacy issue on their website. The ability to let Tor
Browser users allow or block canvas hash decoding malicious use has been
discussed here and here and appears in Tor Reference documentation as a
fingerprinting threat
(https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linkability).
''« We display the warning if websites attempt to render image data and
then silently extract it, because this is a major, high-entropy, highly
stable fingerprinting vector. »''
''« After plugins and plugin-provided information, we believe that the
HTML5 Canvas is the single largest fingerprinting threat browsers face
today. Initial studies show that the Canvas can provide an easy-access
fingerprinting target: The adversary simply renders WebGL, font, and named
color data to a Canvas element, extracts the image buffer, and computes a
hash of that image data. Subtle differences in the video card, font packs,
and even font and graphics library versions allow the adversary to produce
a stable, simple, high-entropy fingerprint of a computer. In fact, the
hash of the rendered image can be used almost identically to a tracking
cookie by the web server. »''
Even if this is not a security issue with WordPress, I guess the WordPress
community should reconsider the use and implementation of this feature
which is not critically useful for most of us, considering trust and
privacy are useful and critical for vulnerable people who use Tor to
protect themselves. This is related to trust, trust between over-paranoid
people who sometimes have good reasons to be so paranoid and
website owners who try to run a state of the art WordPress for privacy,
just like it should be out of the box.
For instance, I added in wp-includes/formatting.php the following line:
remove_action( 'wp_head', 'print_emoji_detection_script', 7 );
Initially posted here:
https://reflets.info/wordpress-4-2-tor-browsers-and-canvas-privacy-warning-prompt/
--
Ticket URL: <https://core.trac.wordpress.org/ticket/32138>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
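
Added example (not part of the original ticket and not WordPress or Tor code): a check a site owner could run over a rendered page to find inline scripts that obtain a canvas and then read its pixels back, the behaviour the quoted Tor design text says triggers the warning. The list of readback methods, the `audit` helper and the sample pages are assumptions constructed for illustration; external scripts are only listed, not fetched.

```python
import re
from html.parser import HTMLParser

# Assumed list of canvas methods that read pixel data back out of a canvas.
READBACK = re.compile(r"\.(toDataURL|getImageData|toBlob|mozGetAsFile)\s*\(")
# Signs that a script obtains a canvas in the first place.
CANVAS = re.compile(r"createElement\(\s*['\"]canvas['\"]|getContext\(\s*['\"](?:2d|webgl)")

# Constructed sample: a stand-in feature-detection script, not WordPress's own.
DETECT = ("<script>var c = document.createElement('canvas'), x = c.getContext('2d');"
          "x.fillText('x', 0, 0); window.ok = x.getImageData(16, 16, 1, 1).data[0] !== 0;"
          "</script>")
PAGE = '<html><head>{}<script src="/static/site.js"></script></head><body></body></html>'
SAMPLE_BEFORE = PAGE.format(DETECT)  # page with the inline detection script
SAMPLE_AFTER = PAGE.format("")       # same page once the script is no longer printed


class ScriptCollector(HTMLParser):
    """Collects inline <script> bodies and the URLs of external scripts."""

    def __init__(self):
        super().__init__()
        self.inline, self.external, self._in_script = [], [], False

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            src = dict(attrs).get("src")
            self._in_script = not src
            (self.external if src else self.inline).append(src or "")

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        if self._in_script:
            self.inline[-1] += data


def audit(html):
    """Return (findings, external): readback calls per inline script, URLs not inspected."""
    parser = ScriptCollector()
    parser.feed(html)
    parser.close()
    findings = [(i, sorted(set(READBACK.findall(body))))
                for i, body in enumerate(parser.inline)
                if READBACK.search(body) and CANVAS.search(body)]
    return findings, parser.external
```

A clean result only covers inline scripts; each URL in the second return value still has to be reviewed separately.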