zenon/bachelorarbeit
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Finish browser history section

Browse Source
This commit is contained in:
Tobias Eidelpes 2020-07-08 10:11:10 +02:00
parent 70de732d77
commit 9c75154eaa
1 changed files with 24 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
defences.tex
View File

@ -26,7 +26,7 @@ one browser to another, the basic idea of the underlying functionality remains
the same.
\subsection{Opt-out and Opt-in}
\label{subsec:Opt-out}
\label{subsec:opt-out}
To opt-out in the context of web tracking means to make use of the possibility
of turning off data collection by a web site. After the user has opted-out of
@ -73,6 +73,29 @@ in chapter~\ref{chap:tracking methods} can be defended against.
\subsection{Clearing Browser History}
\label{subsec:Clearing Browser History}
For our purposes, clearing the browser history means not only clearing the web
sites that have been visited but also cookies and other relevant data that is
saved with a visit to a web site. All major browser offer this function and what
they delete is similar. Firefox for example allows clearing the browsing and
search history, form and search history, cookies (also flash cookies), the
cache, active logins, offline web site data and site preferences such as
permissions, zoom level and character encodings. This technique is only
beneficial in the long term if users do it frequently to stop any accumulation
of tracking identifiers in caches, cookies or other site data. The downside is
that not having a history to go back to can hamper user experience depending on
the workflow of each user. Futhermore, opt-out or opt-in preferences are deleted
as well, making the technique in section~\ref{subsec:opt-out} less effective.
Clearing the browser history is effective against some storage-based tracking
methods. Evercookie (section~\ref{subsec:evercookie}) and cookie synchronisation
(section~\ref{subsec:cookie synchronization}) are designed to respawn items in
the browser history and can therefore not be mitigated. Almost all cache-based
methods are also mitigated by frequently clearing the browser history as long as
users do not authenticate themselves with a web service.
\citet{kleinDNSCacheBasedUser2019} demonstrate that their \gls{DNS} cache attack
works across history deletions. Session-based methods are not affected by
history clearing because they are intended to track a user for one session only.
\subsection{Private Browsing Mode}
\label{subsec:Private Browsing Mode}