On the Privacy of Private Browsing
Kiavash Satvat, Matt Forshaw, Feng Hao, Ehsan Toreini
Newcastle University
DPM’13


Introduction
2005: Safari first introduced private browsing
Today, private browsing has become an integrated feature in all major browsers
How many people use it in the real world?
– 19% based on a survey (Aggarwal et al., 2010)
– 2.4 billion Internet users (world stat, 2012)
– Roughly 450 million users of private browsing
How secure is private browsing?

Threat model
First, we need to define what is meant by “secure”
Local attacker
– Capability: full physical access to the computer after the private session, but not before
– Goal: discover any sensitive information related to the private session
Remote attacker
– Capability: able to engage with the user through HTTP (e.g., a news website)
– Goal: discover whether the user is in a private session

Summary of attacks
(* marks new results discovered by our work)
We will select only a few attacks to present here

Local attack – memory inspection
Artefacts of private browsing remain scattered in memory even after the browser is closed

SQLite Database
SQLite: an open source database used by Firefox, Chrome and Safari to store the user profile
In normal cases, all browsers appear to remove private browsing records successfully
However, it is essential to also test edge cases:
– When the browser crashes
– When the user adds a bookmark

When the browser crashes
May happen due to overload, manual termination, etc.
Firefox (minor)
– WAL files left on disk
– Indicate occurrence of private browsing and times
Chrome (minor)
– Journal files left on disk
– Indicate occurrence of private browsing and time
Safari (serious)
– Doesn’t use in-memory SQLite
– Inserts records of private browsing and deletes them later
– But in case of a crash, private browsing records will persist
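
An added example (not from the slides or the paper's code) of checking a profile directory for the leftover `-wal` and `-journal` files described above, and of what a leftover WAL file reveals from its header and timestamp alone. The crash is simulated on a constructed database named `places.sqlite` by leaving a WAL-mode connection open; the table and URL are made up.

```python
import os
import sqlite3
import struct
import tempfile

WAL_MAGICS = (0x377F0682, 0x377F0683)  # the two valid SQLite WAL magic numbers

def inspect_wal(path):
    """Summarise a SQLite -wal file from its 32-byte header and its size."""
    size = os.path.getsize(path)
    with open(path, "rb") as fh:
        header = fh.read(32)
    if len(header) < 32:
        return None  # empty or truncated: nothing to report
    magic, _version, page_size, _ckpt = struct.unpack(">4I", header[:16])
    if magic not in WAL_MAGICS:
        return None
    # Each frame is a 24-byte frame header followed by one database page.
    frames = (size - 32) // (24 + page_size)
    return {"page_size": page_size, "frames": frames,
            "modified": os.path.getmtime(path)}

def leftover_sidecars(profile_dir):
    """Map each -wal / -journal file in profile_dir to its summary or mtime."""
    report = {}
    for name in sorted(os.listdir(profile_dir)):
        path = os.path.join(profile_dir, name)
        if name.endswith("-wal"):
            report[name] = inspect_wal(path)
        elif name.endswith("-journal"):
            report[name] = {"modified": os.path.getmtime(path)}
    return report

def demo():
    """Constructed stand-in for a crash: write in WAL mode, never checkpoint."""
    with tempfile.TemporaryDirectory() as profile:
        conn = sqlite3.connect(os.path.join(profile, "places.sqlite"))
        conn.execute("PRAGMA journal_mode=WAL")
        page_size = conn.execute("PRAGMA page_size").fetchone()[0]
        conn.execute("CREATE TABLE visits (url TEXT)")
        conn.execute("INSERT INTO visits VALUES ('https://site.example/')")
        conn.commit()
        report = leftover_sidecars(profile)  # connection still open, as after a kill
        conn.close()
    return page_size, report

if __name__ == "__main__":
    print(demo())
```

The file's modification time and frame count are available without opening the database, which is why even an otherwise empty leftover file indicates when a session took place.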

Adding a bookmark (Firefox)
moz_bookmarks (table)
moz_places (table)
Empty title and last_visit_date

Adding a bookmark (Chrome)
visit_count = 0
hidden = 1
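
An added example (not from the slides or the paper's code) that searches for the two bookmark residues just described: a bookmarked `moz_places` row with empty `title` and `last_visit_date` in Firefox, and a record with `visit_count = 0` and `hidden = 1` in Chrome. Assumptions: the schemas are reduced, constructed versions, the Chrome record is assumed to live in the `urls` table of the History database (the slide does not name the table), and all sample rows are made up.

```python
import sqlite3

# Reduced, constructed schemas: only the columns the slides mention plus join keys.
FIREFOX_SCHEMA = """
CREATE TABLE moz_places (id INTEGER PRIMARY KEY, url TEXT, title TEXT,
                         last_visit_date INTEGER);
CREATE TABLE moz_bookmarks (id INTEGER PRIMARY KEY, fk INTEGER, title TEXT);
"""
CHROME_SCHEMA = """
CREATE TABLE urls (id INTEGER PRIMARY KEY, url TEXT, title TEXT,
                   visit_count INTEGER, hidden INTEGER);
"""

def firefox_residue(conn):
    """URLs of bookmarked places whose title and last_visit_date are both empty."""
    rows = conn.execute(
        "SELECT p.url FROM moz_bookmarks AS b JOIN moz_places AS p ON p.id = b.fk "
        "WHERE COALESCE(p.title, '') = '' AND p.last_visit_date IS NULL "
        "ORDER BY p.id")
    return [url for (url,) in rows]

def chrome_residue(conn):
    """URLs recorded with visit_count = 0 and hidden = 1."""
    rows = conn.execute(
        "SELECT url FROM urls WHERE visit_count = 0 AND hidden = 1 ORDER BY id")
    return [url for (url,) in rows]

def sample_databases():
    """Constructed sample data: one ordinary record and one residue record each."""
    firefox = sqlite3.connect(":memory:")
    firefox.executescript(FIREFOX_SCHEMA)
    firefox.executemany("INSERT INTO moz_places VALUES (?, ?, ?, ?)", [
        (1, "https://news.example/", "News", 1370000000000000),
        (2, "https://clinic.example/results", None, None)])
    firefox.executemany("INSERT INTO moz_bookmarks VALUES (?, ?, ?)", [
        (1, 1, "News"), (2, 2, "Results")])
    chrome = sqlite3.connect(":memory:")
    chrome.executescript(CHROME_SCHEMA)
    chrome.executemany("INSERT INTO urls VALUES (?, ?, ?, ?, ?)", [
        (1, "https://news.example/", "News", 7, 0),
        (2, "https://clinic.example/results", "", 0, 1)])
    return firefox, chrome

if __name__ == "__main__":
    ff, ch = sample_databases()
    print(firefox_residue(ff), chrome_residue(ch))
```

To check a real profile, work on a copy of the database and open it read-only, for example with `sqlite3.connect("file:places.sqlite?mode=ro", uri=True)`.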

Adding a bookmark (Safari) (serious)
Once the user adds one bookmark, all websites visited in private mode will persist in the database.
We filed a bug report (# )
– 12/08 (Apple): “Engineering has determined that this is not to be fixed.”
– 13/08, we asked Apple to clarify the decision.
– 18/08 (Apple): “After much deliberation, engineering has removed this feature.”

Browser extensions
Browser extensions pose a realistic threat to the privacy of private browsing.
We tested four latest browsers in 2013:
– Firefox: extensions enabled by default (vulnerable)
– Safari: extensions enabled by default (vulnerable)
– Chrome: extensions disabled by default (good)
– IE: extensions disabled by default (good)

Firefox extension (proof of concept)
Records all user activities in the private session
Then sends them to a remote server

Addressing the threat of extensions
One straightforward solution is to disable extensions by default in the private mode
Adopted by Google Chrome and Microsoft IE
However, we still need to be careful.

Cross mode interference
Chrome allows two modes to run in parallel
– Normal mode window: extensions enabled
– Private mode window: extensions disabled
However, because the two windows share some common resources, an attacker may exploit cross mode interference

Example of cross mode interference
Our suggested countermeasure: always run in a single mode

Remote attacks
Goal of attack: a remote website wishes to find out if the user is in the private mode.
E.g., if the user is in the private mode, the remote website may push more adult-oriented content or advertisements.
Hence, we consider the fact that a user is browsing in private mode to be private information in itself.

Example: cookie timing attack
The time it takes to write cookies is different between the usual and private modes.
We conducted extensive experiments to collect data.

Results (box plots)
With the exception of IE, the timing difference between the two modes is significant.

Conclusion
Is private browsing private?
We took a forensic approach
– Defined a threat model to define “security”
– Evaluated against local/remote attacks
– Validated all previously known attacks
– Discovered several new attacks
For further details
– See the paper and the open source code