TOR browser is used by hundreds of thousands of users — activists, journalists, hackers, and more — all around the world. This anonymity software suite ensures that people are able to save themselves from the prying eyes of governments and hackers. It ensures a good level of privacy, making it difficult to reveal the real I.P. address of the users.
Honeypot and fingerprinting techniques have made TOR vulnerable
TOR browser is a preconfigured Firefox browser modified to protect the users’ privacy and identity while browsing the web. In the browser, plugins are disabled, history and cache aren’t recorded, and everything is erased as you close the browser. However, with time, multiple techniques like TOR Honeypot and Traffic Fingerprintinghave emerged that make TOR by no means enough to protect users privacy on the web.
Along the similar lines, an independent security researcher Jose Carlos Norte has found a set of new fingerprinting ways to uncover the identity of TOR users. The TOR user fingerprinting methods refer to the ways of tracking some non-standard details about user behaviour. Using fingerprinting, the browsing behaviour of a TOR user can be compared to his/her browsing patterns while the user is surfing the same website on a regular browser.
Your mouse movements can reveal your true identity
You’ll be surprised to know that your mouse movements can give your identity away. The first technique deals with identifying the mouse scrolling speed. Based on the scrolling speed and user behaviour patterns, an attacker can record user data and use it to pinpoint a TOR user.
Norte has even created a page where he demonstrates his research.
An attacker can also log the speed at which you move your mouse cursor across the page. This technique gathers more data from your mouse sensitivity preferences and gestures, this technique is more accurate that the previous one. Just in case you are using a trackpad, this technique is even more lethal.
“It is easy to fingerprint users using tor browser to track their activity online and correlate their visits to different pages. getClientrects provides a very interesting vector for TOR user fingerprinting. The CPU benchmark and the Mouse wheel and mouse speed methods provide even more information to distinguish between similar users,” he concludes.
Working as a cyber security solutions architect, Alisa focuses on application and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.