W3C home > Mailing lists > Public > public-webappsec@w3.org > June 2017

fingerprinting deck

From: Brad Hill <hillbrad@gmail.com>
Date: Thu, 22 Jun 2017 17:00:51 +0000
Message-ID: <CAEeYn8hDYN-kEyW_2hDZhZ+HtGvYWQ1gXCg5ZwJ8tWJb15wt=g@mail.gmail.com>
To: "public-webappsec@w3.org" <public-webappsec@w3.org>
We discussed in yesterday's call fingerprinting vs. stateful tracking and I
made reference to a discussion deck on the topic I prepared for TPAC in
2012.

Here's the link I promised:

https://www.w3.org/wiki/images/7/7d/Is_preventing_browser_fingerprinting_a_lost_cause.pdf


Among many other observations, I should thank Andy Steingruebl for the
suggestion that preventing browser fingerprinting is actually an instance
of confining covert channels as described by Lampson in "A note on the
confinement problem" from 1973, which basically states that these channels
cannot be eliminated, only limited in their bandwidth through very careful
system construction.  It's been a very useful lens through which to view
the problem.

Here's a link I found to the paper text:
https://www.cs.utexas.edu/~shmat/courses/cs380s_fall09/lampson73.pdf

-Brad
Received on Thursday, 22 June 2017 17:01:36 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:23 UTC