From 65821a5139bf589b4f19a75916c12067c702f2ac Mon Sep 17 00:00:00 2001 From: Tobias Eidelpes Date: Wed, 8 Jul 2020 11:32:43 +0200 Subject: [PATCH] Finish private browsing mode section --- defences.tex | 67 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 67 insertions(+) diff --git a/defences.tex b/defences.tex index 0729bf9..31ad003 100644 --- a/defences.tex +++ b/defences.tex @@ -99,6 +99,73 @@ history clearing because they are intended to track a user for one session only. \subsection{Private Browsing Mode} \label{subsec:Private Browsing Mode} +The private browsing mode is a feature offered by all major browser that intends +to improve privacy by not allowing access to storage areas within the browser. +Users associate it with an increase of privacy compared to normal or public +mode. Unfortunately, implementations of the private browsing mode are inconsistent +across browsers and what is deemed worthy of protection is largely up to browser +vendors. \citet[p.~440]{xuUCognitoPrivateBrowsing2015} provide a comprehensive +overview of browsers and their private browsing mode practices. Most notably, +Safari allows access to earlier cookies, history and HTML5 storage while other +browsers disallow it. Table~\ref{tab:private browsing mode} provides a list of +browsers and their protection against tracking with the methods from +chapter~\ref{chap:tracking methods}. + +\begin{sidewaystable} + \caption{Private browsing mode for major browsers} + \label{tab:private browsing mode} +\centering +\begin{tabular}{|l|l|c|c|c|c|} +\hline +\multicolumn{1}{|c|}{\textbf{Section}} & \multicolumn{1}{c|}{\textbf{Tracking Method}} & \multicolumn{4}{c|}{ \textbf{Tracking in Private Browsing Mode}} \\ +\hline +\multicolumn{2}{|l|}{} & \textbf{Safari} & \textbf{Firefox} & \textbf{Chrome} & \textbf{IE} \\ +\hline +\multicolumn{6}{|l|}{\textbf{Session-based} } \\ +\hline +\ref{subsec:passing information in urls} & Passing Information in URLs & NA & NA & NA & NA \\ +\hline +\ref{subsec:hidden form fields} & Hidden Form Fields & NA & NA & NA & NA \\ +\hline +\ref{subsec:http referer} & HTTP Referer & NA & NA & NA & NA \\ +\hline +\ref{subsec:explicit authentication} & Explicit Authentication & NA & NA & NA & NA \\ +\hline +\ref{subsec:window.name dom property} & window.name DOM property & NA & NA & NA & NA \\ +\hline +\multicolumn{6}{|l|}{\textbf{Storage-based} } \\ +\hline +\ref{subsec:http cookies} & HTTP cookies & Yes & No & No & No \\ +\hline +\ref{subsec:flash cookies and java jnlp persistenceservice} & Flash Cookies and Java JNLP PersistenceService & Yes & Yes & Yes & Yes \\ +\hline +\ref{subsec:evercookie} & Evercookie & Yes & No & No & No \\ +\hline +\ref{subsec:cookie synchronization} & Cookie Synchronization & Yes & Yes & Yes & Yes \\ +\hline +\ref{subsec:silverlight isolated storage} & Silverlight Isolated Storage & Yes & No & No & No \\ +\hline +\ref{subsec:html5 web storage} & HTML5 Web Storage & Yes & No & No & No \\ +\hline +\ref{subsec:html5 indexed database api} & HTML5 Indexed Database API & Yes & No & No & No \\ +\hline +\ref{subsec:web sql database} & Web SQL Database & Yes & No & No & No \\ +\hline +\multicolumn{6}{|l|}{\textbf{Cache-based} } \\ +\hline +\ref{subsec:web cache} & Web Cache & Yes & No & No & No \\ +\hline +\ref{subsec:cache timing} & Cache Timing & Yes & No & No & No \\ +\hline +\ref{subsec:cache control directives} & Cache Control Directives & Yes & No & No & No \\ +\hline +\ref{subsec:dns cache} & DNS Cache & Yes & Yes & Yes & Yes \\ +\hline +\ref{subsec:tls session resumption} & TLS Session Resumption & Yes & No & No & No \\ +\hline +\end{tabular} +\end{sidewaystable} + \subsection{Do Not Track} \label{subsec:Do Not Track}