Client-Hints and High Res Timers Issues

Inspired by Sam’s good example, here are active GH issues I’ve opened based on PING conversations.  Would similarly appreciate anyone on PING’s contributions to the discussion there:

Client Hints
CH, Logging and passive tracking / fingerprinting #767
https://github.com/httpwg/http-extensions/issues/767
---
An issue discussing the privacy loss / risk from middle parties (CDNs and other TLS terminators) gaining access to fingerprint values (display height x width, device mem, DPI, etc) from all values sent in HTTP headers.  These are FP values that these “middle” parties currently have only indirect / infrequent access to (e.g. the subset of cases when they can be teased out of URLs).

The harm / privacy loss here seems serious (these values have high entropy), significant (a huge number, basically all, users would be impacted) and plain (new business / companies / parties get consistent access to fingerprint-sensitive values they now don’t have consistent access to).

The conversation has been… spirited… and I’m not sure very productive. Would welcome any other input on this issue.



High Resolution Timestamps
Gate Timestamps behind existing permission prompts #64
https://github.com/w3c/hr-time/issues/64
---
There has been prior conversation about the difficulty of mitigating timing-based FP attacks by corsening high-res timers, as well as on the “proliferation” of explicit and implicit hi-res timing info across the DOM.  Other points have been made that these timers are very useful for a narrow set of web uses, and that more permission prompts would be annoying.

The suggestion here is to try to have the cake and eat it two by gating access to these high res timers behind existing permission prompts, that correspond to the discussed use cases for high-res timers (e.g. behind the fullscreen, USB device, WebVR permissions).  That would seem to have the benefit of enabling the uncommon cases where these timers are useful, but taking them out of the common case where privacy abuses could happen.

Received on Monday, 18 March 2019 16:24:15 UTC