Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Proposal for Anti-Keystroke Fingerprinting Tool

bancfc at openmailbox.org bancfc at openmailbox.org
Fri Mar 18 05:55:36 PDT 2016


== Attack Description ==

Keystroke fingerprinting works by measuring how long keys are pressed 
and the time between presses. Its very high accuracy poses a serious 
threat to anonymous users.[1]

This tracking technology has been deployed by major advertisers (Google, 
Facebook), banks and massive online courses. Its also happening at a 
massive scale because just using a JS application (or SSH in interactive 
mode) in presence of a network adversary that records all traffic allows 
them to construct biometric models for virtually everyone (think Google 
suggestions) even if the website does not record these biometric stats 
itself.[2] They have this data from everyone's clearnet browsing and by 
comparing this to data exiting the Tor network they will unmask users.

== Current Measures and Threat Model ==

While the Tor Browser team is aware of the problem and working on a 
solution, current measures [6] are not enough. [4][5]

Security distros are designed to protect the user even if an end user 
application is compromised and provide defense in depth.

The goal is to protect users even in the event of an attacker taking 
over an application running in a VM/Container.

This is valid for systems running in VMs or on bare metal.


== Existing Work on Countermeasures ==

As a countermeasure security researcher Paul Moore created a prototype 
Chrome plugin known as KeyboardPrivacy. It works by caching keystrokes 
and introducing a random delay before passing them on to a webpage.[3] 
Unfortunately there is no source code available for the add-on and the 
planned Firefox version has not surfaced so far. There are hints that 
the author wants to create a closed hardware soltuion that implements 
this which does not help our cause.


== Proposal for a System-wide Solution ==

A very much needed project would be to write a program that mimics the 
functionality of the this add-on but on the display server / OS level. 
Ideally the solution would be compatible with Wayland for the upcoming 
transition in the near future.




[1] 
http://arstechnica.com/security/2015/07/how-the-way-you-type-can-shatter-anonymity-even-on-tor/

[2] http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=7358795

[3] https://archive.is/vCvWb

[4] 
https://www.lightbluetouchpaper.org/2015/07/30/double-bill-password-hashing-competition-keyboardprivacy/#comment-1288166

[5] https://trac.torproject.org/projects/tor/ticket/16110

[6] https://trac.torproject.org/projects/tor/ticket/1517



***

This feature request has been mirrored on each project's bugtrackers 
respectively:

https://github.com/subgraph/subgraph-os-issues/issues/103
https://labs.riseup.net/code/issues/11257
https://github.com/QubesOS/qubes-issues/issues/1850




More information about the liberationtech mailing list