JShelter: Give Me My Browser Back
The result's identifiers
Result code in IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26230%2F23%3APU149342" target="_blank" >RIV/00216305:26230/23:PU149342 - isvavai.cz</a>
Result on the web
<a href="https://arxiv.org/abs/2204.01392" target="_blank" >https://arxiv.org/abs/2204.01392</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.5220/0011965600003555" target="_blank" >10.5220/0011965600003555</a>
Alternative languages
Result language
angličtina
Original language name
JShelter: Give Me My Browser Back
Original language description
The web is used daily by billions. Even so, users are not protected from many threats by default. This paper builds on previous web privacy and security research and introduces JShelter, a webextension that fights to return the browser to users. Moreover, we introduce a library helping with common webextension development tasks and fixing loopholes. JShelter focuses on fingerprinting prevention, limitations of rich web APIs, prevention of attacks connected to timing, and learning information about the device, the browser, the user, and the surrounding physical environment and location. During the research of sensor APIs, we discovered a loophole in the sensor timestamps that lets any page observe the device boot time if sensor APIs are enabled in Chromium-based browsers. JShelter provides a fingerprinting report and other feedback that can be used by future web privacy research. Thousands of users around the world use the webextension every day.
Czech name
—
Czech description
—
Classification
Type
D - Article in proceedings
CEP classification
—
OECD FORD branch
10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)
Result continuities
Project
—
Continuities
S - Specificky vyzkum na vysokych skolach
Others
Publication year
2023
Confidentiality
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Data specific for result type
Article name in the collection
Proceedings of the 20th International Conference on Security and Cryptography
ISBN
978-989-758-666-8
ISSN
—
e-ISSN
—
Number of pages
8
Pages from-to
287-294
Publisher name
SciTePress - Science and Technology Publications
Place of publication
Řím
Event location
Rome
Event date
Jul 10, 2023
Type of event by nationality
WRD - Celosvětová akce
UT code for WoS article
001072829100024