Web Browser Privacy: What Do Browsers Say When They Phone Home?

Leith, Douglas J.

doi:10.1109/access.2021.3065243

Cited by 15 publications

(7 citation statements)

References 25 publications

(25 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Due to the prevalence of ads and analytics scripts that harvest users' information [86], many advertisement and tracker blocking tools have been developed to protect user privacy. Of these tools, the Brave browser has stood out to be one of the best browsers for user privacy on the Clearnet to date [56].…”

Section: Fingerprinting Under Ad Blockingmentioning

confidence: 99%

“…Therefore, it is straightforward for the adversary to set up an environment that is similar to that of the victim. Specifically, the availability of several OS and device fingerprinting tools based on the different implementations of the TCP/IP stack [16,93], together with well-known "home-phoning" traffic of different web browsers [56], can assist the adversary in fil-tering background noise and resembling a similar browsing environment with the victim.…”

Section: Limitationsmentioning

confidence: 99%

See 1 more Smart Citation

Domain name encryption is not enough: privacy leakage via IP-based website fingerprinting

Hoang

Niaki

Gill

et al. 2021

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

Although the security benefits of domain name encryption technologies such as DNS over TLS (DoT), DNS over HTTPS (DoH), and Encrypted Client Hello (ECH) are clear, their positive impact on user privacy is weakened by—the still exposed—IP address information. However, content delivery networks, DNS-based load balancing, co-hosting of different websites on the same server, and IP address churn, all contribute towards making domain–IP mappings unstable, and prevent straightforward IP-based browsing tracking. In this paper, we show that this instability is not a roadblock (assuming a universal DoT/DoH and ECH deployment), by introducing an IP-based website finger-printing technique that allows a network-level observer to identify at scale the website a user visits. Our technique exploits the complex structure of most websites, which load resources from several domains besides their primary one. Using the generated fingerprints of more than 200K websites studied, we could successfully identify 84% of them when observing solely destination IP addresses. The accuracy rate increases to 92% for popular websites, and 95% for popular and sensitive web-sites. We also evaluated the robustness of the generated fingerprints over time, and demonstrate that they are still effective at successfully identifying about 70% of the tested websites after two months. We conclude by discussing strategies for website owners and hosting providers towards hindering IP-based website fingerprinting and maximizing the privacy benefits offered by DoT/DoH and ECH.

show abstract

Section: Fingerprinting Under Ad Blockingmentioning

confidence: 99%

Section: Limitationsmentioning

confidence: 99%

Domain name encryption is not enough: privacy leakage via IP-based website fingerprinting

Hoang

Niaki

Gill

et al. 2021

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

show abstract

“…It is out of scope to study this issue in detail here, but recall Leith's study of the telemetry communications of six major browsers-Chrome, Firefox, Safari, Brave, Edge and Yandex-by Leith [112]. Leith observed that the identifiers persist over four different timespans: (i) ephemeral identifiers; (ii) session identifiers, reset on browser restart; (iii) browser instance identifiers set on installation, and (iv) device identifiers [112]. Brave uses only ephemeral identifiers; Chrome, Firefox, and Safari use session and browser instance; Yandex uses device identifiers [112].…”

Section: Identifying Device Activitymentioning

confidence: 99%

“…Leith observed that the identifiers persist over four different timespans: (i) ephemeral identifiers; (ii) session identifiers, reset on browser restart; (iii) browser instance identifiers set on installation, and (iv) device identifiers [112]. Brave uses only ephemeral identifiers; Chrome, Firefox, and Safari use session and browser instance; Yandex uses device identifiers [112]. Leith did not give Edge or Yandex a clean bill of health.…”

Section: Identifying Device Activitymentioning

confidence: 99%

Categorizing Uses of Communications Metadata: Systematizing Knowledge and Presenting a Path for Privacy

Landau

2020

New Security Paradigms Workshop 2020

View full text Add to dashboard Cite

Communications metadata can be used to determine a communication's device, identify the user of the device, and profile the user's personality and behavior. The current state of affairs is that the increase of attacks against user privacy based on using communications metadata vastly outpaces the ability of users to protect themselves. With few exceptions, protections are point solutions against a specific attack. In the current situation, the user loses.This paper is an initial step in a multi-step research effort to reset that balance. The main contribution of this paper is a categorization of the uses of communications metadata based on their privacy impact. Because of the technical complexity of the problem, including the wide variety of electronic communications, technology can only go so far in providing solutions to the privacy problems created by the use of communications metadata. Legal and policy intervention will also be needed. This categorization is intended to provide a start in developing legal and policy privacy protections for communications metadata. Along the way, I also provide an explanation for how it is that communications metadata has become so valuable, sometimes surpassing the value of content. This work provides both an intellectual framework for thinking about the privacy implications of the use of communications metadata and a roadmap, with first steps taken, for providing privacy protections for users of electronic communications. CCS CONCEPTS• Security and Privacy → Human and societal aspects of security and privacy; • Applied Computing → Law, social and behavioral sciences.

show abstract

“…Additionally, there are situations where adversaries try to exploit the private mode of the web browsers to cover their tracks. Some studies investigated the security of their transmitted information [6], and there are studies that focused on the private mode of particular web browsers [7] or investigated a web browser vendor's claims [8]. As observed in Section 2.2, four prevalent web browsers were chosen for this investigation and analysis.…”

Section: Introductionmentioning

confidence: 99%

Browsers’ Private Mode: Is It What We Were Promised?

Hughes¹,

Papadopoulos²,

Pitropakis³

et al. 2021

Computers

View full text Add to dashboard Cite

Web browsers are one of the most used applications on every computational device in our days. Hence, they play a pivotal role in any forensic investigation and help determine if nefarious or suspicious activity has occurred on that device. Our study investigates the usage of private mode and browsing artefacts within four prevalent web browsers and is focused on analyzing both hard disk and random access memory. Forensic analysis on the target device showed that using private mode matched each of the web browser vendors’ claims, such as that browsing activity, search history, cookies and temporary files that are not saved in the device’s hard disks. However, in volatile memory analysis, a majority of artefacts within the test cases were retrieved. Hence, a malicious actor performing a similar approach could potentially retrieve sensitive information left behind on the device without the user’s consent.

show abstract

Web Browser Privacy: What Do Browsers Say When They Phone Home?

Cited by 15 publications

References 25 publications

Domain name encryption is not enough: privacy leakage via IP-based website fingerprinting

Domain name encryption is not enough: privacy leakage via IP-based website fingerprinting

Categorizing Uses of Communications Metadata: Systematizing Knowledge and Presenting a Path for Privacy

Browsers’ Private Mode: Is It What We Were Promised?

Contact Info

Product

Resources

About