Hacklog.mu presentation on Tor
Hacklog.mu has a presentation on tor on the following page . On the same page, SM mentions that HTML5 elements could be used to leak information about an Internet User even with Tor. This is correct. Several developers were aware of the problem, and there were plans to fix this in orweb. See this URL for : details . This vulnerability was reported in 2013, and fixed in the same year . The presentation, by hacklog.mu, took place in 2014.
Firefox as the solution ?
Hacklog.mu uses firefox from Google Playstore, and configures it to work with Tor. From a security perspective, Firefox leaks more metadata than Orweb or tor-browser, due to the lack of patches that Orweb has. In fact, if you look at Tor-browser, you will realize that it's a modified version of Firefox, with a number of patches added on to protect the privacy of the users. Those patches are not in Firefox. Those patches provide several additional layers of security that Firefox on Android DOES NOT provide. The tor project constantly reworks the patches for their Tor-browser and applies the same design principles in Orweb/Orfox. See the design requirements for Orweb, OrFox and Tor-browser here We tested with Orweb & Orfox, and both do not leak, according to browserleaks.org. It is highly questionable to use Firefox, even with a Mobile proxy, as by default, Firefox is not designed to be as secure as Orweb, Orfox, and Tor-browser.
Conclusion
We recommend Internet users who want to remain anonymous to use orweb/orfox on Android and Tor-browser on their PCs instead of Firefox, and avoid the example presented on hacklog.mu. ^-^