[kaoD]

> The JavaScript zero-day exploit that creates a unique cookie and sends a request to a random server that basically fingerprints your browser in some way, which is probably then correlated somewhere else since the cookie doesn't get deleted. Presumably it reports the victim's IP back to the FBI.

"in some way", "probably", "presumably" = I have no idea what's going on.

[Shank]

It's more that we know very well that up to the transmission point, it creates a unique identifier. If we're following the most likely guess (that this is targeting distribution of Child Pornography), then it seems like a reasonable goal to simply identify and fingerprint Tor users.

That being said, there is always a point that this could be used for something else entirely, though. Compromising Tor mail is a lot less of a targeted attack.