
Side-channel leaks: Is privacy always at stake?

JavaScript turns out to be less privacy-friendly than you might think: side-channel leaks can be exploited to follow you around the web. And using browser privacy extensions can make things worse. Boffins from Graz University of Technology in Austria have developed an automated browser profiling scheme using two new side-channel attacks that can help reveal software and hardware details to fingerprint browsers and improve the effectiveness of exploits.

In a paper, “JavaScript Template Attacks: Automatically Inferring Host Information for Targeted Exploits,” researchers Michael Schwarz, Florian Lackner, and Daniel Gruss describe a method for gathering browser data that calls into question the efficacy of anonymized browsing and browser privacy extensions. The paper, which came to our attention this week, was presented at the Network and Distributed System Security Symposium earlier this year.

The researchers claim their automated browser profiling system facilitates browser fingerprinting, overcomes certain anti-fingerprinting methods, and demonstrates that browser privacy extensions “can leak more data than they disguise and can even be semi-automatically circumvented, leading to a false sense of safety.”

Browser fingerprinting involves collecting data about an internet user's browser and the related software and hardware, such as browser type, operating system, headers for different network requests, cookies, extensions, screen resolution, etc.

These characteristics can be gathered using JavaScript, which also exposes properties of the language environment itself, namely the JavaScript object hierarchy (the children of the root window object), that can be probed for information as well.

It’s not a novel problem, but in combination with two new side-channel attacks that reveal the instruction-set architecture and the memory allocator, the described method can expose information about supposedly concealed parts of the browser environment particularly effectively because it’s automated. And yes, you can disable JavaScript execution, although you will lose a lot of web functionality.

The results have consequences for anyone under the impression that online privacy or anonymity can be guaranteed, but especially for users of Tor Browser, which is designed to resist fingerprinting. The study indicates that Tor’s attempt to make all users appear to have the same browser fingerprint, and thus blend into the crowd, may fall short when additional data points are considered.

The upshot is: this technique won’t unmask you immediately and it is by no means perfect, but it could potentially be used to track you around the web and target you with advertisements.

JavaScript Template Attacks can be used to fingerprint users, but the method was designed to identify computing environments rather than users. It can thus aid targeted exploitation, which is more efficient when the environment is first recognized and confirmed to be vulnerable. The Graz boffins, however, hope that their work will advance defensive research rather than amplify attacks.

JavaScript Template Attacks is a tool for automatically discovering subtle differences in browser engines caused by the environment. Its primary use case is to provide an automated bootstrap for the development of defensive mechanisms. However, it can also be used to help search for fingerprints or to get a more accurate picture of a victim’s environment for targeted exploitation, according to https://github.com/IAIK/jstemplate

The method is straightforward. First comes the profiling phase, which compiles a list of properties accessible from JavaScript objects (e.g. window.Array.name, performance.timeOrigin). These are turned into a profile. The differences detected in this matrix of data reveal environment-dependent properties in Chrome, Edge, Firefox and mobile Tor, properties that are useful for identification and for targeting attacks.
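The profile-and-diff step described above, as an added example that is not taken from the article or from the jstemplate project: it walks the properties reachable from a root object, records each one, and diffs two profiles to list the environment-dependent properties. The function names and the two root objects are hypothetical, constructed stand-ins so the block runs offline in Node.js.

```javascript
// Added example: collectProfile/diffProfiles are illustrative names, not jstemplate's API.
function collectProfile(root, maxDepth = 3) {
  const profile = new Map();
  const seen = new WeakSet();
  const walk = (obj, path, depth) => {
    if (depth > maxDepth || seen.has(obj)) return;
    seen.add(obj);
    for (const key of Reflect.ownKeys(obj)) {
      if (typeof key === 'symbol') continue;
      const desc = Object.getOwnPropertyDescriptor(obj, key);
      const here = path ? `${path}.${key}` : key;
      // Record accessors without invoking them: a getter where another
      // environment has a plain data property is itself a difference.
      if (!('value' in desc)) { profile.set(here, 'accessor'); continue; }
      const v = desc.value;
      if (v !== null && (typeof v === 'object' || typeof v === 'function')) {
        profile.set(here, typeof v);
        walk(v, here, depth + 1);
      } else {
        profile.set(here, `${typeof v}:${String(v)}`);
      }
    }
  };
  walk(root, '', 0);
  return profile;
}

// Paths whose recorded value differs, or that exist in only one profile.
function diffProfiles(a, b) {
  const diff = [];
  for (const path of new Set([...a.keys(), ...b.keys()])) {
    const left = a.get(path) ?? '<absent>';
    const right = b.get(path) ?? '<absent>';
    if (left !== right) diff.push({ path, left, right });
  }
  return diff.sort((x, y) => (x.path < y.path ? -1 : 1));
}

// Constructed stand-ins for two root objects (not real browser captures).
const baseline = { navigator: { userAgent: 'ExampleBrowser/1.0', cores: 8 },
                   screen: { width: 1920, height: 1080 } };
const withExtension = { navigator: { cores: 8 }, screen: { width: 1920, height: 1080 },
                        __uaSpoofer: { enabled: true } };  // hypothetical extension global
Object.defineProperty(withExtension.navigator, 'userAgent',
  { get() { return 'Generic/0.0'; }, enumerable: true });  // spoofed via getter

function demo() {
  return diffProfiles(collectProfile(baseline), collectProfile(withExtension));
}
console.log(demo());
```

The diff shows why a privacy extension can add identifying signal: the spoofed value is hidden, but the changed property kind and the extra global are new observable differences that an extension author can check for before shipping.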

One of the side-channel attacks created for JavaScript Template Attacks involves measuring runtime differences between two code snippets to infer the underlying instruction-set architecture through variations in JIT compiler behavior.

The other involves measuring timing variations in the memory allocator to infer the allocated size of a memory region.

The boffins' exploration of the JavaScript environment shows the ability to fingerprint not only via browser version, installed privacy extension, privacy mode, operating system, device microarchitecture, and virtual machine, but also via JavaScript object properties.

And their study demonstrates that there are far more of these properties than formal documentation covers. This implies that browser fingerprints can be much more comprehensive than they are now, with more data points. For example, the Mozilla Developer Network documentation for Firefox covers 2,247 browser properties. The researchers were able to capture 15,709. Although not all of these are usable for fingerprinting and some are duplicates, they claim they discovered about 10,000 usable properties for all browsers.

Schwarz, Lackner, and Gruss conclude by stating that they hope browser manufacturers will take their results into account as they work to enhance browser extensions and privacy.
