Security Sliders2025-06-25
Long ago in August of 2021 I disabled the JIT for Firefox in Brace. During testing I realized that the browser needed to be restarted for this to take effect.
Back in October of 2024 I was made aware of how the Tor Browser security slider changes these settings without a restart, preventing them from having effect and also creating a fingerprinting mess. For months after this every time I used the slider myself I was reminded of this. The issue was made public in March, but was still unfixed. It concerned me a bit so at the end of April I noted this issue to Jonah of Privacy Guides so they could publish a writeup and put impetus on Tor Project to fix it. Yesterday's Tor Browser update, version 14.5.4, finally fixes this years long issue on both desktop and Android platforms.
Tor Project had this issue explicitly documented since at least May of 2024 and it was likely known offhandedly for years longer. I won't use this against them, but more so as a call to the community to get more involved. If you have the time and skills please consider contributing to the Tor Project, their mission is critical and everyone can benefit from it.
Comment on this: Fediverse