Tales of Favicons and Caches: Persistent Tracking in Modern Browsers

Σολωμός, Κωνσταντίνος; Kristoff, John; Kanich, Chris; Polakis, Jason

doi:10.14722/ndss.2021.24202

Cited by 15 publications

(11 citation statements)

References 34 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Stateful-tracking also describes other ways websites can set and read identifiers, by using APIs and browser capabilities not intended for such purposes. Examples of such techniques include exploiting the browser HTTP cache, DNS cache or other ways of setting long term state (e.g., HSTS instructions [1], favicon caches [2], or, ironically, storage intended to prevent tracking [3]).…”

Section: Relationship To Other Tracking Methodsmentioning

confidence: 99%

“…Distinct from browser fingerprinting, researchers have also found other ways of misusing browser features to construct unique user identifiers. Solomos et al [2] transformed the browser's "favicon" cache into a persistent tracking mechanism, Janc et al [3] showed that Safari's "Intelligent Tracking Prevention" 26 features could be abused to re-identify users, and Syverson and Traudt [1] showed how the browsers "HTTP Strict-Transport-Security" system could be re-purposed to construct and assign unique identifiers.…”

Section: A Online Tracking Through Feature Misusementioning

confidence: 99%

See 1 more Smart Citation

Pool-Party: Exploiting Browser Resource Pools as Side-Channels for Web Tracking

Snyder¹,

Karami²,

Livshits³

et al. 2021

Preprint

View full text Add to dashboard Cite

We identify a new class of side-channels in browsers that are not mitigated by current defenses. This class of sidechannels, which we call "pool-party" attacks, allow sites to create covert channels by manipulating limited-but-unpartitioned resource pools in browsers. We identify pool-party attacks in all popular browsers, and show they are practical cross-site tracking techniques.In this paper we make the following contributions: first, we describe pool-party side-channel attacks that exploit limits in application-layer resource pools in browsers. Second, we demonstrate that pool-party attacks are practical, and can be used to track users in all popular browsers; we also share open source implementations of the attack and evaluate them through a representative web crawl. Third, we show that in Gecko basedbrowsers (including the Tor Browser Bundle) pool-party attacks can also be used for cross-profile tracking (e.g., linking user behavior across normal and private browsing sessions). Last, we discuss possible mitigations and defenses.

show abstract

Section: Relationship To Other Tracking Methodsmentioning

confidence: 99%

Section: A Online Tracking Through Feature Misusementioning

confidence: 99%

Pool-Party: Exploiting Browser Resource Pools as Side-Channels for Web Tracking

Snyder¹,

Karami²,

Livshits³

et al. 2021

Preprint

View full text Add to dashboard Cite

show abstract

“…These modes prevent websites from accessing cookies stored in non-private mode, and it erases browsing history, search history, and cookies upon exit. However, private browsing modes have historically not removed all forensic traces [27,28]. Prior work has also shown that many users are unaware of private browsing modes, and many of those who are aware do not understand the actual privacy protections offered by these modes [13].…”

Section: Related Workmentioning

confidence: 99%

“…Subtle errors can lead to tracking. For example, Solomos et al recently showed that malicious websites could bypass incognito mode on all major browsers using favicons [27]. ResidueFree avoids such tracking by eliminating all persistent data.…”

Section: Motivation: Case Studies Of Popular Application Residuesmentioning

confidence: 99%

“…In addition, ResidueFree did not preserve any files from Firefox or Chromium, including favicons where the supercookie attempts to persist between sessions. As Solomos et al [27] note, these favicon-based supercookies persisted past all major browsers' "private" or "incognito" modes. While these incognito modes are generally effective, they are vulnerable to novel persistent storage techniques like this one.…”

Section: Forensic Evaluationmentioning

confidence: 99%

See 1 more Smart Citation

Residue-Free Computing

Arkema

Sherr

2021

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

Computer applications often leave traces or residues that enable forensic examiners to gain a detailed understanding of the actions a user performed on a computer. Such digital breadcrumbs are left by a large variety of applications, potentially (and indeed likely) unbeknownst to their users. This paper presents the concept of residue-free computing in which a user can operate any existing application installed on their computer in a mode that prevents trace data from being recorded to disk, thus frustrating the forensic process and enabling more privacy-preserving computing. In essence, residue-free computing provides an “incognito mode” for any application. We introduce our implementation of residue-free computing, ResidueFree, and motivate ResidueFree by inventorying the potentially sensitive and privacy-invasive residue left by popular applications. We demonstrate that ResidueFree allows users to operate these applications without leaving trace data, while incurring modest performance overheads.

show abstract