Skip to content
GitLab
Projects Groups Topics Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • T tails
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributor statistics
    • Graph
    • Compare revisions
  • Issues 965
    • Issues 965
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 29
    • Merge requests 29
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Artifacts
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • tails
  • tails
  • Issues
  • #5412
Closed
Open
Issue created Jul 18, 2013 by import-from-Redmine@import-from-Redmine

Improve fingerprint of the Unsafe Browser

Originally created by Tails on #5412 (Redmine)

{{toc}}

Next steps

Avoid Tails-specific DNS requests

One can see e.g. with Wireshark that the Unsafe Browser sends DNS requests for amnesia and tails.boum.org on the network. This should clearly not happen.

Next thing to do: research why this happens.

Improve fingerprint of the request made to get the captive portal

For the WiFi hotspot and probably ISP, the recommended way of using the Unsafe browser only to login in the portal and then use only Tor is fingerprintable.

What clearnet request do people do to get the captive portal?

Next thing to do: research how we can improve the network fingerprint of that principal usecase.

Done

As a first step, we wanted to make the Unsafe Browser look like a default Debian Iceweasel ESR. This was done by removing all add-ons.

Related issues

  • Related to #5555
  • Related to #10491 (closed)
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking