Tuesday, May 18, 2010

Browser Measurement (aka: How Unique is your Browser?)

Hi Folks,
today I want to point out this exhilarating paper written by Peter Eckersley (Electronic Frontier Foundation). From the abstract:
We investigate the degree to which modern web browsers are subject to "device fingerprinting" via the version and configuration information that they will transmit to websites upon request. We implemented one possible fingerprinting algorithm, and collected these fingerprints from a large sample of browsers that visited our test site, panopticlick.eff.org. We observe that the distribution of our fingerprint contains at least 18.1 bits of entropy, meaning that if we pick a browser at random, at best we expect that only one in 286,777 other browsers will share its fingerprint. Among browsers that support Flash or Java, the situation is worse, with the average browser carrying at least 18.8 bits of identifying information. 94.2% of browsers with Flash or Java were unique in our sample. By observing returning visitors, we estimate how rapidly browser fingerprints might change over time. In our sample, fingerprints changed quite rapidly, but even a simple heuristic was usually able to guess when a fingerprint was an "upgraded" version of a previously observed browser's fingerprint, with 99.1% of guesses correct and a false positive rate of only 0.86%.
We discuss what privacy threat browser fingerprinting poses in practice, and what countermeasures may be appropriate to prevent it. There is a tradeoff between protection against fingerprintability and certain kinds of debuggability, which in current browsers is weighted heavily against privacy. Paradoxically, anti-fingerprinting privacy technologies can be self-defeating if they are not used by a sufficient number of people; we show that some privacy measures currently fall victim to this paradox, but others do not.
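As an added example (not code from the paper or from this post), here is the entropy and surprisal arithmetic behind figures such as "at least 18.1 bits" and "one in 286,777", run over a small constructed set of fingerprints; the feature names and sample values are assumptions of mine, not Panopticlick data.

```python
# Added example: Shannon-entropy / surprisal bookkeeping of the kind the
# Panopticlick paper uses to score how identifying a browser fingerprint is.
from collections import Counter
from math import log2

FEATURES = ("user_agent", "plugins", "timezone", "screen", "fonts")

# Constructed sample of fingerprint tuples (not real Panopticlick data);
# A appears three times, so one fingerprint is shared and the rest are unique.
A = ("Firefox/3.6", "Flash,Java", "UTC-5", "1920x1080", "Arial,Verdana")
SAMPLE = [
    A,
    ("Firefox/3.6", "Flash", "UTC-5", "1280x800", "Arial"),
    ("Chrome/5", "Flash,Java", "UTC+1", "1920x1080", "Arial,Verdana,Helvetica"),
    A,
    ("Safari/4", "", "UTC+9", "1024x768", ""),
    ("Firefox/3.6", "", "UTC-5", "1280x800", ""),
    ("Chrome/5", "Flash", "UTC+1", "1920x1080", "Arial"),
    A,
]

def entropy_bits(values):
    """Shannon entropy H = -sum(p * log2 p) of the observed value distribution."""
    counts = Counter(values)
    n = len(values)
    return -sum(c / n * log2(c / n) for c in counts.values())

def surprisal_bits(values, value):
    """-log2 P(value): identifying information carried by one observed value."""
    counts = Counter(values)
    return -log2(counts[value] / len(values))

def feature_entropies(sample):
    """Entropy of each feature on its own, e.g. how much the timezone reveals."""
    return {name: entropy_bits([fp[i] for fp in sample])
            for i, name in enumerate(FEATURES)}

def unique_fraction(sample):
    """Share of browsers whose full fingerprint appears only once in the sample."""
    counts = Counter(sample)
    return sum(1 for fp in sample if counts[fp] == 1) / len(sample)

def expected_sharers(bits):
    """'At least H bits' means at best one in 2**H other browsers shares the print."""
    return 2 ** bits

if __name__ == "__main__":
    print(feature_entropies(SAMPLE))
    print(f"combined: {entropy_bits(SAMPLE):.2f} bits, unique: {unique_fraction(SAMPLE):.0%}")
    print(f"18.1 bits -> one in about {expected_sharers(18.1):,.0f} browsers")
```

A rare value (the lone UTC+9 browser) carries 3 bits of surprisal against under 1 bit for the common UTC-5, which is why uncommon plugin or font lists dominate the fingerprint.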

Some self-explanatory results from the paper:

We identified only three groups of browser with comparatively good resistance to fingerprinting: those that block JavaScript, those that use TorButton, and certain types of smartphone. It is possible that other such categories exist in our data. Cloned machines behind firewalls are fairly resistant to our algorithm, but would not be resistant to fingerprints that measure clock skew or other hardware characteristics.

Finally, I really enjoyed this reading; it's well documented and easy to follow. The research process they followed is complete in terms of experiments, results, strong hypotheses and fair conclusions. In the past 5 months I reviewed 5 journal articles but none satisfied me. Finally I found a very nice paper that I totally recommend.

1 comment:

theguildedpage said...

Quite effective info, thanks so much for the post.