I'm the creator of that ?forum page. I'm not an expert but this is what I see in this situation, please correct me if there are logical problems. Using ad blockers prevent ad-networks & others from tracking you. What's the problem at being tracked while you're not easily identifiable (using Tor). If you still really care about being tracked, that means you're afraid of some powerful global adversaries. And I think it wouldn't be hard for them to take fingerprints/identifiable information about you from the website/server owners etc. by looking at which websites were visited from that exit node at that specific time range. So, using ad-blockers & acting different from the default TBB settings, prevent from the ad-networks tracking you but also making you easily identifiable for the global adversaries because of your unique browser fingerprints. We should not use filter add-ons unless they are integrated into TBB too. I also don't understand how a person can really be identified as long as he doesn't enter any personal information or acts same as his non-Tor usage. So yes, I wonder, are the fingerprints really important and how can they be used to find one person. I'm confused :) Edit: Can it be like this: If I had the power, I would blacklist all IP's which are used for searching about Tor or Tails or downloaded Tails for example. Because it's simple, until you find Tor&Tails probably you didn't use anonymizers or if you used, they could still take your IP from the proxy owners too. As long as Tails' fingerprints differ from TBB, if someone found to be using Tails (no ads, different headers, screen sizes, etc.) there will be far fewer targets for them to look at. It would be nice if there was a detailed list of examples about how can someone's identity get compromised while using Tor (on the Tor Project website)

There is no point in blindly copying TB just because everyone else slavishly wants the same fingerprint. What if TB is (repeatedly) making the wrong decisions? If there are enough Tails users it wouldn't matter if their fingerprint is both unique and different from TB but all Tails users got exactly the same fingerprint. The real reason TB doesn't include an Adblocker is political, given Tail is somewhat an officially supported or endorsed project I'm expecting it to follow suit.

Thank god you're not a Tails developer. There's nothing about slavishness, if we are all using Tor and Tails for anonymity-privacy we should do our best at it. What's wrong with better privacy? Why are you using Tails? Look at the Tor website, the idea is simple. More people using Tor, more anonymous you are. With every different fingerprint you have, you're just choosing less people to hide between, so worse annonymity. Isn't unlinkability or privacy one of the main purposes of the Tails project? What Tails doing now is to make it easier to link your different activities. I really don't get the point why there is an ad-blocker. Could you please tell me the benefits of using it? (Except faster web experience)

My question was, what if Tails is right and TBB is wrong (technically, not ideologically or politically). Shouldn't you be at trac.torproject.org and complain that their fingerprint is different from Tails. I'm not suggesting that this is definitely the case. I'm just throwing this question in here to discuss it.

"What if"? If you think there's something wrong with TBB just show it. Also, I didn't say there's something technically wrong in Tails. What I say is, we should be between the biggest group of users. We shouldn't limit our anonymity set. And all my suggestions are at the bottom of this page. Anything wrong with TBB'S accept headers?, default screen size? Or is it the ad-blockers? Please read the design document from the links.

Things that are "wrong with TBB": https://trac.torproject.org/projects/tor/ticket/3007 https://trac.torproject.org/projects/tor/ticket/4794 https://trac.torproject.org/projects/tor/ticket/5092 and several tickets about missing security features (gcc hardening, sandboxing, MAC)

But that's beside the current topic. Adblockers increase usability and productivity if configured correctly. They are a good thing to have and to support. Side benefit is better performance and less load on the Tor network. Obviously I disagree with your request and hope dearly that Tails doesn't "follow suit due to political considerations".

I completely agree with you about the benefits of adblockers. I use them too in my non-Tor usage. But it is simply NOT SAFE to use them over Tor, so Tails shouldn't include it. You have to understand why it isn't safe, and you can continue to use them if you wish. But people use Tails to improve their privacy-anonymity, so this is the point we should discuss mainly, usability comes second. If you don't have potential global adversares that could follow your fingerprints, just want to hide you're watching porn from your parents and want to use Tor faster, keep using adblockers.

Reply to "I completely agree..." (man that layout sucks): Two corrections: Tor does not protect against global adversaries and privacy and anonymity are not the same.

The irony of this statement is that filters make it harder for global (and non global: timing/correlation) adversaries to follow you because there is less information to work with and websites no longer have a predeterminable fingerprint.

By not using filters you only make it harder for exit nodes and website providers. It doesn't even effect all websites (not all use ads or other external content). All they can tell is that you are a Tails user. The only drawback is this anonymity set reduction from Tor user to Tails user (that's why I made my recommendation dependent on the install base of Tails!) But since it's only ever just one provider (or exit node) which can make this reduction only on their own sites they still cannot follow you around and correlate different activities to a certain user (or even a small enough subset of users). EOF

This discussion goes nowhere, can you please contact Tor developers to understand what the risks are by using adblockers and also how powerful a global adversary can be. They don't need to own all the websites on the web, it's about the power of gathering information from them, from their servers. I'm not even talking about Google, CIA, USA, etc. think bigger. So using adblock protects you from being tracked by little companies, but it greatly helps global adversaries to link someone's activities. And you should also think about the percentage of Tails users over Tor. I want to give an example. In my country, there's about 2K daily users of Tor so probably very little number of Tails. What's the possibility of more than one Tails users using the same exit node at the same time (from same country, or language). You will probably say, they still cannot know who is connecting? There are sure many ways to blacklist potential Tor or Tails users but let's give some examples: all Tor/Tails searchers, Tor/Tails downloaders, Tor users (without bridges, easier), Tor users (using bridges, harder but possible), and especially people like me who suddenly leaves HTTP websites and using HTTPS almost every time. The risk is not getting 100% identified, but also the increase of it's possibility. Think about long-term linkability as well

TBB protects you from global adversaries better, yes giving much more (but) unidentifiable information to them. For example, I'm browsing for hours on TBB and there's no cookie from google or else. They will show you ads, they will see one Tor user visited that page, but cannot know who you are, you're also not a Tails user anymore :) (This is completely about the success of design, if you think something's wrong, contact them) If you know what you're doing, you enjoy a bigger anonymity set. And I still wonder the percentage of Tails users, it is not that easy to say I'm choosing to be one of the Tails users (The difference is surely quite big). Let's try not to create a different Tor network, but join to the current biggest one.

----- Indeed, we've gone a full circle. To sum it up: TPO puts politics before users (OK flamebait). Because they have more users Tails HAS to follow regardless of whether this is what people want, whether it is the right thing and whether this affects anonymity in a critical enough way to warrant this decision.

I propose: You want the change, you document how "bad" adblocking really affects anonymity.

You'll have to discern between custom and default filters. One can leave a unique fingerpring (devastatingly dangerous? No, the unique fingerprint affects only single domains and govs need to subpoena every one of them, no dragnet surveillance possible! - still bad) and default filters (does it negatively impact anonymity when just a few 1000 users have this set of filters? I doubt it, they still have the full pool of Tor users to sort through! Or do you think they monitor everyone who downloaded Tails?) If you disagree, prove it! Tails obviously should recommend not to edit any filters by hand. (btw the same applies to https-everywhere in TBB). EOF

(Question: Also, I never used any other language in Tails, do they have specialized headers for their languages? Or is it only the localization of programs etc. I currently cannot use Tails to check it)

Privacy is totally unrelated from unlinkability. The better term to use here would be "anonymity set reduction". Reduction is always bad, it lessens the quality of anonymity. Ideally all Tor users would have the same fingerprint. But the anonymity set isn't the only criteria and if the Tails set is large enough and there are good reasons to deviate from TB this trade off could improve the overall anonymity. One such tradeoff (between anonymity set and security) worth making would be disabling JS by default, but then there is the tradeoff between usability and security to consider as well!

You made it sound like these are easy decisions. I hope I could explain why they are not.

Are you talking about removing adblock? If there's something logically wrong with the TBB Design, please tell us.

To developers: Please look at the latest comments about Fingerprints Please especially read these parts of Design document: 1 - 2. What I currently see is, 1- different default screen size (1000x500 on TBB, edit: I'm not sure about that), 2- different accept headers (TBB sends no value for Charset header, compare at ip-check.info) and 3- Adblock Plus. Maybe you should contact Tor developers about these issues.

If adblock gets removed, the people who keep using the current adblock filters should be told that using them will be much less secure than before. Also after the implementation of the persistence feature; people should be especially warned about installing filter addons.