summaryrefslogtreecommitdiffstats
path: root/wiki/src/doc/about/fingerprint.mdwn
blob: a8e12f23ea97285c3cb82f678adaaa3d62768e58 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
[[!meta title="Can I hide the fact that I am using Tails?"]]

In this context, the term fingerprint refers to what is specific to
Tails in the way it behaves on Internet. This can be used to determine
whether a particular user is using Tails or not.

[[As explained on our warning page|warning#fingerprint]], when using
Tails it is possible to know that you are using Tor. But Tails tries to
**make it as difficult as possible to distinguish Tails users from other
Tor users**, especially users of <span class="application">Tor Browser</span> outside of Tails. If it is
possible to determine whether you are a user of <span class="application">Tor Browser</span> inside or outside of Tails, this
provides more information about you and in consequence reduces your
anonymity.

This section explains some issues regarding the fingerprint of Tails and
how this could be used to identify you as a Tails user.

For the websites that you are visiting
======================================

The websites that you are visiting can retrieve a lot of information
about your browser. That information can include its name and version,
window size, list of available extensions, timezone, available fonts,
etc.

To make it difficult to distinguish Tails users,
**<span class="application">Tor Browser</span> in Tails tries to provide the same information as <span class="application">Tor Browser</span> on other operating systems** in
order to have similar fingerprints.

Refer to the [[fingerprint section of our list of known issues
|support/known_issues#fingerprint]] to know if there are differences
between the fingerprints of <span class="application">Tor Browser</span> inside and outside of Tails.

Apart from that, **some of the <span class="application">Tor Browser</span> extensions included in Tails are
specific to Tails**. More sophisticated
attacks can use those differences to distinguish Tails users.

For example, Tails includes <span class="application">uBlock
Origin</span> which removes advertisements. If an attacker can determine
that you are not downloading the advertisements that are included in a
webpage, that could help identify you as a Tails user.

For the moment, you should consider that **no special care is taken
regarding the fingerprint of the [[<span class="application">Unsafe
Browser</span>|doc/anonymous_internet/unsafe_browser]]**.

For your ISP or local network administrator
===========================================

  - Tor bridges are most of the time a good way of hiding the fact that you are
    connecting to Tor to a local observer. If this is important for you, read
    our documentation about [[doc/first_steps/startup_options/bridge_mode]].

  - A Tails system is **almost exclusively generating Tor activity** on
    the network. Usually users of <span class="application">Tor Browser</span> on other operating systems also have network activity outside of
    Tor, either from another web browser or other applications. So the
    proportion of Tor activity could be used to determine whether a user of <span class="application">Tor Browser</span>
    is using Tails or not. If you are sharing your Internet
    connection with other users that are not using Tails it is probably
    harder for your ISP to determine whether a single user is generating
    only Tor traffic and so maybe using Tails.

  - Tails **does not use the entry guards mechanism of Tor**. With the
    [entry guard
    mechanism](https://www.torproject.org/docs/faq#EntryGuards), a Tor
    user always uses the same few relays as first hops. As Tails does not
    store any Tor information between separate working sessions, it does
    not store the entry guards information either. This behaviour could
    be used to distinguish Tails users across several
    working sessions.

  - When starting, Tails synchronizes the system clock to make sure it
    is accurate. While doing this, if the time is set too much in the
    past or in the future, Tor is shut down and started again. This
    behavior could be used to distinguish Tails users,
    especially since this happens every time Tails starts.