Researchers warn against tracking via TLS Session Resumption

[Guest]

More info:

https://www.wilderssecurity.com/threads/researchers-warn-against-tracking-via-tls-session-resumption.409398/

 

https://forum.palemoon.org/viewtopic.php?f=13&p=154897#p154897

 

Do you to create this entry in about: config?

[Mcinwwl]

Well, I did, let's see what happens

Guess this gets added to some addon like Privacy Badger soon...

[Guest]

Works also New Moon and Basilisk.

Test (post #2):

 

https://www.wilderssecurity.com/threads/researchers-warn-against-tracking-via-tls-session-resumption.409398/#post-2788141

Edited October 21, 2018 by Sampei.Nihira

[Guest]

 

https://www.privateinternetaccess.com/blog/2018/11/supercookey-a-supercookie-built-into-tls-1-2-and-1-3/

Edited November 15, 2018 by Sampei.Nihira

[Mathwiz]

security.tls.enable_0rtt_data is false (value recommended by above site) by default in Basilisk (both latest Win 7+ build, 2018.11.07, and @roytam1's latest build).

I had created the security.ssl.disable_session_identifiers Boolean and set it to true when this discussion started. It does slow down browsing a bit, but I haven't seen anything more serious than that.

I don't recommend setting privacy.firstparty.isolate to true unless you have an add-on that can substitute content typically downloaded from CDNs (JQuery, etc.) as it will break many web sites.

I did set security.ssl.enable_false_start to false as recommended at the above web site. I'll report back if it causes any issues.

[Guest]

OK.

Try setting up Cloudflare DNS (1.1.1.1).
A bit of reactivity is recovered.

Edited November 16, 2018 by Sampei.Nihira