Tor Browser 9.0's letterboxing alleviates these concerns somewhat. The companion blog post to this demo has more information.
If you're trying to stay anonymous, you want to look like as many other people as possible. This is why the Tor Browser suggests you do not change your window size. CSS by itself can leak your window size. If your window size is unique enough, you could be deanonymized. No JavaScript required.
This website is a proof of concept. CSS supports @media queries that allow the web designer to conditionally set styles. Usually this is done to make a webpage "responsive." On mobile? Collapse that top menu bar into a hamburger menu and use one column instead of two. Useful!
But this can be abused to help deanonymize you. CSS supports setting some attributes to URLs. Combining these ideas, an adversary can force your browser to load different resources based on your window size. This webpage demonstrates this very obviously by loading and displaying different images based on the width and height of your window. An adversary wouldn't have to be so obvious. Maybe a small element with display:none; has its background image changed based on screen width. You wouldn't be able to see this in action unless you're watching the requests your browser is making.
I recommend you do just that: view the source of this page and its stylesheet. Open the developer console to the network tab and start resizing your window. All I have to do is watch my web server's logs to see what images are being requested. Thanks CSS!
Disabling JavaScript can't help you in this regard. If your threat model calls for it, do not change the window size of the Tor Browser Bundle from its default.
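If you would rather audit a stylesheet than watch the network tab, the following added example (not this page's code or stylesheet) scans CSS text for @media blocks that both test a size feature and reference a url(). The function name `findSizeLeaks`, the sample CSS and its paths are assumptions made up for illustration.

```javascript
// Added example: flag @media rules that key on viewport size and fetch a URL.
// SAMPLE_CSS is constructed for illustration; it is not this page's stylesheet.
const SAMPLE_CSS = `
body { background: url(/static/bg.png); }
@media (min-width: 1000px) and (max-width: 1000px) {
  #probe { display: none; background-image: url("/w/1000.png"); }
}
@media (max-width: 600px) {
  nav { flex-direction: column; }
}
@media screen and (height: 700px) {
  .x { background: url('/h/700.png') }
}
@media print {
  .logo { background: url(/static/print-logo.png); }
}
`;

// Media features that reveal window or screen dimensions.
const SIZE_FEATURE = /\b(?:min-|max-)?(?:device-)?(?:width|height|aspect-ratio)\b/i;
const URL_REF = /url\(\s*(['"]?)(.*?)\1\s*\)/gi;

// Return [{ condition, urls }] for each size-dependent @media block that loads a resource.
function findSizeLeaks(css) {
  const findings = [];
  const atMedia = /@media\s+([^{]+)\{/gi;
  let m;
  while ((m = atMedia.exec(css)) !== null) {
    // Walk forward to the brace that closes this @media block (it contains nested rules).
    let depth = 1;
    let i = atMedia.lastIndex;
    while (i < css.length && depth > 0) {
      if (css[i] === "{") depth++;
      else if (css[i] === "}") depth--;
      i++;
    }
    const condition = m[1].trim();
    const body = css.slice(atMedia.lastIndex, i - 1);
    atMedia.lastIndex = i; // resume scanning after this block
    if (!SIZE_FEATURE.test(condition)) continue;
    const urls = [...body.matchAll(URL_REF)].map((u) => u[2]);
    if (urls.length > 0) findings.push({ condition, urls });
  }
  return findings;
}

console.log(findSizeLeaks(SAMPLE_CSS));
```

A responsive rule with no url() (the 600px block) and a non-size query (print) are not flagged. The scan reads stylesheet text only, so size-dependent loads declared in HTML are outside its scope.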