ucognito private browsing without tears
play

UCognito: Private Browsing without Tears Meng Xu, Yeongjin Yang, - PowerPoint PPT Presentation

Dec 20, 2023 •179 likes •645 views

UCognito: Private Browsing without Tears Meng Xu, Yeongjin Yang, Xinyu Xing, Taesoo Kim, Wenke Lee Georgia Institute of Technology 1 Private Browsing Mode Private Browsing Incognito Mode Guest Mode InPrivate Private Window 2 Private

  1. UCognito: Private Browsing without Tears Meng Xu, Yeongjin Yang, Xinyu Xing, Taesoo Kim, Wenke Lee Georgia Institute of Technology 1

  2. Private Browsing Mode Private Browsing Incognito Mode Guest Mode InPrivate Private Window 2

  3. Private Browsing Mode Private Browsing Questions: Incognito Mode Guest Mode • Same ? • Expected ? InPrivate • Implemented ? • Private ? Private Window 3

  4. Private Browsing Mode Private Browsing Questions: Incognito Mode Guest Mode • Same ? • Expected ? InPrivate • Implemented ? • Private ? Private Window 4

  5. Problem: Different Definitions of Private Browsing Use of persistent data in Chrome Firefox Opera Safari IE private browsing mode Incognito ✘ ✔ ✔ ✔ ✘ Download entries ✔ ✘ ✘ ✔ ✘ SSL self-signed certificate ✔ ✘ ✘ ✔ ✔ Add-on enabled by default 5

  6. Problem: Different Definitions of Private Browsing Use Store Category Incognito Guest Incognito Guest ✔ ✘ ✘ ✘ Browsing history ✘ ✘ ✘ ✘ Cookies ✘ ✘ ✘ ✘ Cache ✘ ✘ ✘ ✘ Local storage ✘ ✘ ✘ ✘ Flash storage ✔ ✘ ✘ ✘ Download entries ✔ ✘ ✘ ✘ Autofills ✔ ✘ ✔ ✘ Bookmarks ✔ ✘ ✘ ✘ Per-site zoom ✔ ✘ ✘ ✘ Per-site permission ✘ ✘ ✘ ✘ SSL self-signed cert ✔ ✔ ✔ ✔ SSL client cert ✔ ✘ ✔ ✘ Add-on storage 6

  7. Private Browsing Mode Private Browsing Questions: Incognito Mode Guest Mode • Same ? • Expected ? InPrivate • Implemented ? • Private ? Private Window 7

  8. 8

  9. Private Browsing Mode Private Browsing Questions: Incognito Mode Guest Mode • Same ? • Expected ? InPrivate • Implemented ? • Private ? Private Window 9

  10. Implementation is `mimicking` and ad-hoc 1 // @netwerk/cookie/nsCookieService.cpp 2 DBState *mDBState; 3 nsRefPtr<DBState> mDefaultDBState; // DB for normal mode 4 nsRefPtr<DBState> mPrivateDBState; // DB for private mode 5 6 // invoked when initializing session 7 void nsCookieService::InitDBStates() { 8 ... 9 mDefaultDBState = new DBState(); // DB for normal mode 10 mPrivateDBState = new DBState(); // DB for private mode 11 // default: normal mode 12 mDBState = mDefaultDBState; 13 ... 14 } 15 16 // invoked when storing cookies 17 void nsCookieService::SetCookieStringInternal() { 18 ... 19 // decide which cookie DB to use, depending on the mode 20 mDBState = aIsPrivate ? mPrivateDBState : mDefaultDBState; 21 ... 22 } 10

  11. Implementation is `mimicking` and ad-hoc 1 // @netwerk/cookie/nsCookieService.cpp 2 DBState *mDBState; 3 nsRefPtr<DBState> mDefaultDBState; // DB for normal mode 4 nsRefPtr<DBState> mPrivateDBState; // DB for private mode 5 6 // invoked when initializing session 7 void nsCookieService::InitDBStates() { 8 ... 9 mDefaultDBState = new DBState(); // DB for normal mode 10 mPrivateDBState = new DBState(); // DB for private mode 11 // default: normal mode 12 mDBState = mDefaultDBState; 13 ... 14 } 15 16 // invoked when storing cookies 17 void nsCookieService::SetCookieStringInternal() { 18 ... 19 // decide which cookie DB to use, depending on the mode 20 mDBState = aIsPrivate ? mPrivateDBState : mDefaultDBState; 21 ... 22 } 11

  12. Problem: Code complexity grows exponentially • How many duplications ? • cookie, history, cache, download entries, autofills, bookmarks, flash storage … • per-site permission, per-site zoom level, SSL certs … • html5 local storage, indexDB … 12

  13. Problem: Code complexity grows exponentially • How many duplications ? • cookie, history, cache, download entries, autofills, bookmarks, flash storage … • per-site permission, per-site zoom level, SSL certs … • html5 local storage, indexDB … X 3 !!! Normal mode Incognito mode Guest mode 13

  14. Problem: Lack of elegant support for add-ons 1 // 1. Detecting private browsing mode @MDN 2 Components.utils.import( 3 "resource://gre/modules/PrivateBrowsingUtils.jsm"); 4 if (!PrivateBrowsingUtils.isWindowPrivate(window)) { 5 ... 6 } 7 8 // 2. Detecting mode changes @MDN 9 function pbObserver() { /* clear private data */ } 10 var os = Components.classes["@mozilla.org/observer-service;1"] 11 .getService(Components.interfaces.nsIObserverService); 12 os.addObserver(pbObserver, "last-pb-context-exited", false); 14

  15. Private Browsing Mode Private Browsing Questions: Incognito Mode Guest Mode • Same ? • Expected ? InPrivate • Implemented ? • Private ? Private Window 15

  16. 16

  17. Per-site permission reveals browsing history Geolocation API Implemented Bug report Patched standard proposed in Chrome 5.0 51204 rev. 192540 Dec May Aug Apr 2008 2010 2010 2013 17

  18. PNaCl cache reveals browsing history • PNaCl translation cache reveals whether you have previously visited a website. • http://gonativeclient.appspot.com/demo/lua (demo) 18

  19. Problem: Not secure by default • How many places to instrument ? • cookie, history, cache, download entries, autofills, bookmarks, flash storage … ok, these are common • per-site permission, per-site zoom level, SSL certs … hmm, we can think of these 19

  20. Problem: Not secure by default • How many places to instrument ? • html5 local storage, indexDB … new features are coming in! • PNaCl, OCSPResponse … oh I forgot them! 20

  21. Uverifier: Testing Private Browsing Mode open(<file>, “w”) …… open(<file>, “r”) write(<file>, ……) …… …… read(<file>, ……) no delete(<file>) Traces Usage 21

  22. PNaCl cache explanation Normal mode Private mode open(<file>, “w”) …… open(<file>, “r”) write(<file>, ……) …… …… read(<file>, ……) no delete(<file>) Traces Usage <profile>/PnaclTranslationCache/index <profile>/PnaclTranslationCache/data_1 <profile>/PnaclTranslationCache/data_2 <profile>/PnaclTranslationCache/data_3 22

  23. UCognito: Decouple private mode implementation from browser codebase. Private Browsing Incognito Mode Guest Mode InPrivate Private Window 23

  24. Ⓤ UCognito: Decouple private mode implementation from browser codebase. UCognito UCognito Layer Mode 24

  25. Ⓤ UCognito: Decouple private mode implementation from browser codebase. Questions: UCognito • Same ? UCognito Layer • Expected ? Mode • Implemented ? • Private ? 25

  26. Ⓤ UCognito Architecture Browser 26

  27. Ⓤ Step 0: Specify Policies Browser …… Autofill Bookmarks Cookies Cache 27

  28. Ⓤ Step 0: Specify Policies Browser …… Autofill Bookmarks Cookies Cache 28

  29. Ⓤ Step 1: Starting UCognito Browser …… Autofill Bookmarks Cookies Cache …… Autofill Bookmarks Cookies Cache 29

  30. Ⓤ Step 2: Browsing …… Browser Autofill Bookmarks Cookies Cache …… Autofill Bookmarks Cookies Cache …… Autofill Bookmarks Cookies Cache 30

  31. Ⓤ Step 3: Cleaning …… Browser Autofill Bookmarks Cookies Cache …… Autofill Bookmarks Cookies Cache …… Autofill Bookmarks Cookies Cache 31

  32. UCognito Sandbox • Goal: redirecting all path to a contained location • e.g., /home/user/profile/* → /tmp/<pid>/home/user/profile/* • Implementation: seccomp-bpf • Leverage MBox, a lightweight sandboxing for non-root users • Place hooks on 50 system calls that deals with file paths, e.g., open, creat, unlink , stat etc 32

  33. UCognito Policy System • Goal: control trace storage and trace usage on a per-file granularity • Design: • CLEAN : disallow loading of any traces, run browser at its pristine stage • COPY : allow use of existing traces, carrying existing information to the sandbox • WRITE : allow storing of new traces, committing data in sandbox back to file system 33

  34. Default Policy 1 # exclude all files in home directory 2 [clean] 3 ~/ Category Use Store ✘ ✘ Browsing history ✘ ✘ Cookies Whitelist principle: ✘ ✘ Cache ✘ ✘ Local storage ✘ ✘ Flash storage By default, nothing is allowed ✘ ✘ Download entries to be stored or used ✘ ✘ Autofills unless specified in a policy ✘ ✘ Bookmarks ✘ ✘ Per-site zoom ✘ ✘ Per-site permission ✘ ✘ SSL self-signed cert ✘ ✘ SSL client cert ✘ ✘ Add-on storage ✘ ✘ (All others) 34

  35. Chrome Guest Mode 1 # exclude all files in home directory 2 [clean] 3 ~/ 4 5 # Use: SSL client certificates Category Use Store 6 [copy] ✘ ✘ 7 ~/.pki/nssdb/cert9.db Browsing history 8 ✘ ✘ Cookies 9 # write-back client certificates ✘ ✘ Cache 10 [write] 11 ~/.pki/nssdb/cert9.db ✘ ✘ Local storage ✘ ✘ Flash storage ✘ ✘ Download entries ✘ ✘ Autofills ✘ ✘ Bookmarks ✘ ✘ Per-site zoom ✘ ✘ Per-site permission ✘ ✘ SSL self-signed cert ✔ ✔ SSL client cert ✘ ✘ Add-on storage ✘ ✘ (All others) 35

Recommend

On the Privacy of Private Browsing Kiavash Satvat, Ma8

On the Privacy of Private Browsing Kiavash Satvat, Ma8

On the Privacy of Private Browsing Kiavash Satvat, Ma8 Forshaw, Feng Hao, Ehsan Toreini Newcastle University DPM13 IntroducGon 2005, Safari first

996 views • 19 slides
[Selected Slides] Moved to Tears: Considering Tears in Scripture, Worship and the Christian Life

[Selected Slides] Moved to Tears: Considering Tears in Scripture, Worship and the Christian Life

[Selected Slides] Moved to Tears: Considering Tears in Scripture, Worship and the Christian Life PW Churchwide Gathering 2018 Lynn Miller Irritant/refmex tears form in response to pain or to fmush foreign objects out of the eye. They contain

452 views • 18 slides
An Analysis of Private Browsing Modes in Modern Browsers

An Analysis of Private Browsing Modes in Modern Browsers

Stanford Computer Security Lab An Analysis of Private Browsing Modes in Modern Browsers Gaurav Aggarwal, Elie Bursztein, Collin Jackson, Dan Boneh Usenix

653 views • 40 slides
PTT Tears: Options for Full Thickness Tears with Collapse Matrona Giakoumis, DPM Faculty, The

PTT Tears: Options for Full Thickness Tears with Collapse Matrona Giakoumis, DPM Faculty, The

PTT Tears: Options for Full Thickness Tears with Collapse Matrona Giakoumis, DPM Faculty, The New York College of Podiatric Medicine Faculty, The Podiatry Institute OSET ORTHOPAEDIC SUMMIT Evolving Techniques 2017 Conflicts of Interest No

554 views • 23 slides
Models for Models for Retrieval and Browsing Retrieval and Browsing - Structural Models and

Models for Models for Retrieval and Browsing Retrieval and Browsing - Structural Models and

Models for Models for Retrieval and Browsing Retrieval and Browsing - Structural Models and Browsing Berlin Chen 2004 Reference : 1. Modern Information Retrieval , chapter 2 Taxonomy of Classic IR Models Set Theoretic Fuzzy Extended Boolean

837 views • 29 slides
Your Secrets Are Safe : How Browsers Explanations Impact Misconceptions About Private Browsing

Your Secrets Are Safe : How Browsers Explanations Impact Misconceptions About Private Browsing

Your Secrets Are Safe : How Browsers Explanations Impact Misconceptions About Private Browsing Mode Yuxi Wu, Panya Gupta, Miranda Wei, Yasemin Acar, Sascha Fahl, Blase Ur https://FancyWines.com 2 Yuxi Wu, Miranda Wei | Your Secrets Are

851 views • 51 slides
Performance Metrics for Web Browsing draft fan ippm web metrics 00 Peng Fan

Performance Metrics for Web Browsing draft fan ippm web metrics 00 Peng Fan

Performance Metrics for Web Browsing draft fan ippm web metrics 00 Peng Fan Motivation Web browsing is a basic internet service, with a large population of users and proportion of traffic Understanding web browsing

578 views • 10 slides
Models for Models for Retrieval and Browsing Retrieval and Browsing - Fuzzy Set, Extended

Models for Models for Retrieval and Browsing Retrieval and Browsing - Fuzzy Set, Extended

Models for Models for Retrieval and Browsing Retrieval and Browsing - Fuzzy Set, Extended Boolean, Generalized Vector Space Models Berlin Chen 2004 Reference: 1. Modern Information Retrieval . Chapter 2 Taxonomy of Classic IR Models Set

511 views • 30 slides
and Privacy Protection Xianyi Gao*, Yulong Yang*, Huiqing Fu*, Janne Lindqvist*, Yang Wang+

and Privacy Protection Xianyi Gao*, Yulong Yang*, Huiqing Fu*, Janne Lindqvist*, Yang Wang+

Private Browsing: an Inquiry on Usability and Privacy Protection Xianyi Gao*, Yulong Yang*, Huiqing Fu*, Janne Lindqvist*, Yang Wang+ *Rutgers University +Syracuse University Published in WPES 2014 What is private browsing? Introduced in

632 views • 21 slides
Secure Browsing and Email Web Browsing with HTTPS Secure Email with OpenPGP Organised by Steven

Secure Browsing and Email Web Browsing with HTTPS Secure Email with OpenPGP Organised by Steven

Free Technology Workshop Secure Browsing and Email Web Browsing with HTTPS Secure Email with OpenPGP Organised by Steven Gordon Room RS309 9am - 12noon Friday 27 June 2014 http://ict.siit.tu.ac.th/moodle/ Adresses Local copies of

667 views • 19 slides
Forced/forceful browsing sws2 1 Forced browsing (not in book!) Supplying a URL directly

Forced/forceful browsing sws2 1 Forced browsing (not in book!) Supplying a URL directly

Software and Web Security 2 Forced/forceful browsing sws2 1 Forced browsing (not in book!) Supplying a URL directly (forcing the URL) rather than by accessing it by following links from other pages Modify (numerical) value in known

1.16k views • 38 slides
Indentifying and Repairing Meniscus Root Tears Thomas Carter, MD Phoenix, AZ Meniscal Root

Indentifying and Repairing Meniscus Root Tears Thomas Carter, MD Phoenix, AZ Meniscal Root

Indentifying and Repairing Meniscus Root Tears Thomas Carter, MD Phoenix, AZ Meniscal Root Tears (MRT) tear within 1cm (typically radial) or avulsion of the meniscus insertion loss of circumferential hoop stress and significant

858 views • 24 slides
DAGs with NO TEARS Continuous Optimization for Structure Learning Xun Zheng Bryon Aragam

DAGs with NO TEARS Continuous Optimization for Structure Learning Xun Zheng Bryon Aragam

DAGs with NO TEARS Continuous Optimization for Structure Learning Xun Zheng Bryon Aragam Pradeep Ravikumar Eric Xing Machine Learning Department Carnegie Mellon University November 28, 2018 Xun Zheng (CMU) DAGs with NO TEARS November 28,

723 views • 11 slides
Web Browsing Topics Physical Exchange of Web Web Browsing 101 Technology Information

Web Browsing Topics Physical Exchange of Web Web Browsing 101 Technology Information

10/24/2011 Web Browsing Topics Physical Exchange of Web Web Browsing 101 Technology Information Browsers Web Evolution of Applications Technology NAGTRI Webinar Series NCJRL / NAAG NAGTRI Webinar Series NCJRL / NAAG Personal

267 views • 12 slides
Knee Arthritis and Meniscus Tears: An Evidence Based Approach Brian Feeley, MD Sports Medicine

Knee Arthritis and Meniscus Tears: An Evidence Based Approach Brian Feeley, MD Sports Medicine

Knee Arthritis and Meniscus Tears: An Evidence Based Approach Brian Feeley, MD Sports Medicine and Shoulder Surgery UC San Francisco Using Evidence to Guide Treatment of Degenerative Knee Conditions Degenerative Meniscus Tears Natural

338 views • 30 slides
Agenda CPSC 533C Information Visualization Project Update Motivation: Exploratory browsing?

Agenda CPSC 533C Information Visualization Project Update Motivation: Exploratory browsing?

Agenda CPSC 533C Information Visualization Project Update Motivation: Exploratory browsing? Exploratory Browsing in The ideal infovis solution: what should it be? Music Space Related work: displaying query-based results

473 views • 6 slides
Image search through browsing using NN k networks Daniel Heesch, Marcus Pickering, Stefan Rger,

Image search through browsing using NN k networks Daniel Heesch, Marcus Pickering, Stefan Rger,

Image search through browsing using NN k networks Daniel Heesch, Marcus Pickering, Stefan Rger, Alexei Yavlinsky TRECVID 2003 Overview Image and Collection Preprocessing Search and Relevance Feedback Temporal Browsing and NN k

508 views • 36 slides
Practical Cryptography for a Peer-to-Peer Web Browsing System A. Pokluda Cheriton School of

Practical Cryptography for a Peer-to-Peer Web Browsing System A. Pokluda Cheriton School of

Introduction Cryptography in P2P Systems A P2P Web Browsing System Comparison of Implementations in C Summary Practical Cryptography for a Peer-to-Peer Web Browsing System A. Pokluda Cheriton School of Computer Science University of

462 views • 21 slides
What are the treatment options for UCL tears of the elbow in athletes? Christopher Doumas, MD

What are the treatment options for UCL tears of the elbow in athletes? Christopher Doumas, MD

What are the treatment options for UCL tears of the elbow in athletes? Christopher Doumas, MD Clinical Assistant Professor Orthopaedic Surgery Rutgers-RWJMS Chief of Hand Surgery JSUMC Disclosures President and Founder of

684 views • 54 slides
Meniscal Root Tears: Take the time to fix them and which ones I dont. MARC LABB, M.D.

Meniscal Root Tears: Take the time to fix them and which ones I dont. MARC LABB, M.D.

Meniscal Root Tears: Take the time to fix them and which ones I dont. MARC LABB, M.D. CHIEF OF SURGERY HOUSTON METHODIST THE WOODLANDS HOSPITAL What is the big deal?! Root tear disrupts meniscal hoop Posterior Root

878 views • 9 slides
An interactive timeline for Speech Database Browsing Benoit Favre SRI STAR Lab Seminar

An interactive timeline for Speech Database Browsing Benoit Favre SRI STAR Lab Seminar

Introduction Speech Database Browsing Prototype Conclusion An interactive timeline for Speech Database Browsing Benoit Favre SRI STAR Lab Seminar Series 2007-08-02 1 / 24 Introduction Speech Database Browsing Prototype Conclusion

531 views • 52 slides
The ICSI corpus; Browsing meetings nlssd natural language and speech system design . Steve

The ICSI corpus; Browsing meetings nlssd natural language and speech system design . Steve

The ICSI corpus; Browsing meetings nlssd natural language and speech system design . Steve Renals s.renals@ed.ac.uk NLSSD/Corpus and Browsing p.1/14 Overview The ICSI meetings corpus Browsing meetings Useful reading: Janin et

185 views • 14 slides
Evidence Based Management of Meniscal Tears Kenneth G. Swan, Jr., MD NO DISCLOSURES

Evidence Based Management of Meniscal Tears Kenneth G. Swan, Jr., MD NO DISCLOSURES

Evidence Based Management of Meniscal Tears Kenneth G. Swan, Jr., MD NO DISCLOSURES www.UOANJ.com www.UOANJ.com Meniscus Once thought to be a ves@gial muscle remnant with no known purpose, now known to be: Important structure for

1.07k views • 48 slides
CUJO - Safe Browsing with Lua Lourival Vieira Neto &lt;lourival.neto@getcujo.com&gt; Introduction

CUJO - Safe Browsing with Lua Lourival Vieira Neto &lt;lourival.neto@getcujo.com&gt; Introduction

CUJO - Safe Browsing with Lua Lourival Vieira Neto &lt;lourival.neto@getcujo.com&gt; Introduction CUJO Smart Firewall Safe Browsing Parental Controls Introduction CUJO Firmware Team Gabriel Ligneul Iruat

603 views • 31 slides

More recommend