JShelter: Give Me My Browser Back

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26230%2F23%3APU149342" target="_blank" >RIV/00216305:26230/23:PU149342 - isvavai.cz</a>

Výsledek na webu

<a href="https://arxiv.org/abs/2204.01392" target="_blank" >https://arxiv.org/abs/2204.01392</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.5220/0011965600003555" target="_blank" >10.5220/0011965600003555</a>

Jazyk výsledku

angličtina

Název v původním jazyce

JShelter: Give Me My Browser Back

Popis výsledku v původním jazyce

The web is used daily by billions. Even so, users are not protected from many threats by default. This paper builds on previous web privacy and security research and introduces JShelter, a webextension that fights to return the browser to users. Moreover, we introduce a library helping with common webextension development tasks and fixing loopholes. JShelter focuses on fingerprinting prevention, limitations of rich web APIs, prevention of attacks connected to timing, and learning information about the device, the browser, the user, and the surrounding physical environment and location. During the research of sensor APIs, we discovered a loophole in the sensor timestamps that lets any page observe the device boot time if sensor APIs are enabled in Chromium-based browsers. JShelter provides a fingerprinting report and other feedback that can be used by future web privacy research. Thousands of users around the world use the webextension every day.

Název v anglickém jazyce

JShelter: Give Me My Browser Back

Popis výsledku anglicky

The web is used daily by billions. Even so, users are not protected from many threats by default. This paper builds on previous web privacy and security research and introduces JShelter, a webextension that fights to return the browser to users. Moreover, we introduce a library helping with common webextension development tasks and fixing loopholes. JShelter focuses on fingerprinting prevention, limitations of rich web APIs, prevention of attacks connected to timing, and learning information about the device, the browser, the user, and the surrounding physical environment and location. During the research of sensor APIs, we discovered a loophole in the sensor timestamps that lets any page observe the device boot time if sensor APIs are enabled in Chromium-based browsers. JShelter provides a fingerprinting report and other feedback that can be used by future web privacy research. Thousands of users around the world use the webextension every day.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

—

Návaznosti

S - Specificky vyzkum na vysokych skolach

Rok uplatnění

2023

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

Proceedings of the 20th International Conference on Security and Cryptography

ISBN

978-989-758-666-8

ISSN

—

e-ISSN

—

Počet stran výsledku

8

Strana od-do

287-294

Název nakladatele

SciTePress - Science and Technology Publications

Místo vydání

Řím

Místo konání akce

Rome

Datum konání akce

10. 7. 2023

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

001072829100024