DNS "cookies" or privacy of DNS caching from Nick Doty on 2018-04-10 (public-privacy@w3.org from April to June 2018)

From: Nick Doty <npdoty@ischool.berkeley.edu>
Date: Tue, 10 Apr 2018 15:43:27 -0700
To: public-privacy@w3.org
Message-Id: <1399161D-D7BE-4241-A876-72A2097DEDE1@ischool.berkeley.edu>

I'm curious if there has been any work to investigate the problem of identifying users through DNS cache values. This has been called "DNS cookies":

http://dnscookie.com/ <http://dnscookie.com/>

I'm not sure if shared DNS caches (8.8.8.8 or 1.1.1.1, maybe) would be an effective mitigation to increase the anonymity set.

Related, would there be any ways to detect when a site is doing this, either by the pattern of loading of a large number of subdomains in the browser, or on the other side by observing strange patterns of replying to DNS requests with different addresses?

—Nick

Received on Tuesday, 10 April 2018 22:43:56 UTC