JShelter: Give Me My Browser Back

04/04/2022
by   Libor Polčák, et al.
0

The Web is used daily by billions. Even so, users are not protected from many threats by default. This position paper builds on previous web privacy and security research and introduces JShelter, a webextension that fights to return the browser to users. Moreover, we introduce a library helping with common webextension development tasks and fixing loopholes misused by previous research. JShelter focuses on fingerprinting prevention, limitations of rich web APIs, prevention of attacks connected to timing, and learning information about the computer, the browser, the user, and surrounding physical environment and location. We discovered a loophole in the sensor timestamps that lets any page observe the device boot time if sensor APIs are enabled in Chromium-based browsers. JShelter provides a fingerprinting report and other feedback that can be used by future security research and data protection authorities. Thousands of users around the world use the webextension every day.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
08/17/2022

TangibleGrid: Tangible Web Layout Design for Blind Users

We present TangibleGrid, a novel device that allows blind users to under...
research
09/13/2018

Fidelius: Protecting User Secrets from Compromised Browsers

Users regularly enter sensitive data, such as passwords, credit card num...
research
10/12/2019

JSDoop and TensorFlow.js: Volunteer Distributed Web Browser-Based Neural Network Training

In 2019, around 57% of the population of the world has broadband access ...
research
09/20/2023

Data Exfiltration by Hotjar Revisited

Session replay scripts allow website owners to record the interaction of...
research
11/14/2017

Modeling and Performance Comparison of Privacy Approaches for Location Based Services

In pervasive computing environment, Location Based Services (LBSs) are g...
research
01/10/2019

EmPoWeb: Empowering Web Applications with Browser Extensions

Browser extensions are third party programs, tightly integrated to brows...
research
08/06/2018

Digital Blues: An Investigation into the Use of Bluetooth Protocols

The proliferation of Bluetooth mobile device communications into all asp...

Please sign up or login with your details

Forgot password? Click here to reset