Quick evaluation on the current status of fingerprinting resistance between vanilla Mozilla Firefox and the Tor Browser (OWASP Saitama MTG #12, talk #1)
3. TEXT
WHO I AM
▸ Takahiro Yoshimura (@alterakey)
https://keybase.io/alterakey
▸ Monolith Works Inc.
Co-founder, CTO
Security researcher
▸ Meiji University Cybersecurity Laboratory
Visiting researcher
4. TEXT
WHAT I DO
▸ Security research and development
▸ iOS/Android Apps
→Financial, Games, IoT related, etc. (>200)
→trueseeing: Non-decompiling Android Application
Vulnerability Scanner [2017]
▸ Windows/Mac/Web/HTML5 Apps
→POS, RAD tools etc.
▸ Network/Web penetration testing
→PCI-DSS etc.
▸ Search engine reconnaissance
(aka. Google Hacking)
▸ Whitebox testing
▸ Forensic analysis
5. TEXT
WHAT I DO
▸ CTF
▸ Enemy10, Sutegoma2
▸ METI CTFCJ 2012 Qual.: Won
▸ METI CTFCJ 2012: 3rd
▸ DEF CON 21 CTF: 6th
▸ DEF CON 22 OpenCTF: 4th
▸ Talks and presentations
DEF CON 25 Demo Labs (2017)
DEF CON 27 AI Village (2019)
CODE BLUE (2017, 2019)
CYDEF (2020) etc.
Image by Wiyre Media on flickr, CC-BY 2.0
6. TEXT
BACKGROUND
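▸ Tor -- The Onion Router
→A kind of dark web
(a web space with high anonymity)
▸ Characteristics
▸ Uses a different circuit for each destination
▸ Rebuilds circuits roughly every 10 minutes
▸ Bridges can also be used
▸ Connections go through torproxy (SOCKS5)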
Image by The Tor Project, CC BY 3.0 US
10. TEXT
TAILORED TO THE DARK WEB?
▸ The official Tor Browser
▸ Designed with tracking and surveillance in mind
▸ Block Trackers
▸ Defend Against Surveillance
▸ Resist Fingerprinting
▸ Multi-layered Encryption
11. TEXT
PILLARS OF PRIVACY
▸ Two main pillars [1]
https://2019.www.torproject.org/projects/torbrowser/design/
▸ Cross-Origin Identifier Unlinkability
▸ So that identifiers cannot be carried across origins
▸ Cross-Origin Fingerprinting Unlinkability
▸ So that an identity cannot be carried across origins
13. TEXT
CROSS-ORIGIN IDENTIFIER UNLINKABILITY
▸ First-party Isolation
privacy.firstparty.isolate = true
▸ Cookie/Storage/Cache entries etc. are also scoped by
Origin (→1p) and separated per environment
▸ Items that already have SOP rules are scoped as well
→double keying
Image by gufm on flickr, CC-BY-NC-ND 2.0
14. TEXT
CROSS-ORIGIN IDENTIFIER UNLINKABILITY
▸ ... Cookie, Cache, Storage, Authorization,
TLS session ID, Shared Workers, HTTP/2※,
forced redirects, window.name, autofill, HSTS/
HPKP, broadcast, OCSP, favicon, media source,
prefetch, permissions API
※HTTP/2 is in effect in the current build
Image by gufm on flickr, CC-BY-NC-ND 2.0
15. TEXT
CROSS-ORIGIN IDENTIFIER UNLINKABILITY
▸ Problem: social login and the like do not work
→Workarounds are provided, but some things still fail
privacy.firstparty.restrict_opener_access,
privacy.firstparty.block_post_message etc.
▸ Effectively not used in tor
Image by jason wilson on flickr, CC-BY-SA 2.0
16. TEXT
CROSS-ORIGIN FINGERPRINTING UNLINKABILITY
▸ Resist Fingerprinting
privacy.resistFingerprinting = true
▸ Resists fingerprinting by homogenizing
▸ Restrictions include:
canvas data precision, timer precision, performance API,
rendering area (letterboxing)※, gamepad API, TZ0, network
information, sensors, Geolocation API etc.
▸ ※The window also becomes square
(protection of the screen size)
Image by Tricia on flickr, CC-BY 2.0
19. TEXT
UPLIFTED!
▸ First Party Isolation (>=52)
privacy.firstparty.isolate = true
→Enhanced Tracking Protection Strict Mode
(>=86) … the setting value is still there, so this is somewhat questionable.
→ https://developer.mozilla.org/en-US/docs/Web/Privacy/State_Partitioning
▸ Resist Fingerprinting (>=59)
privacy.resistFingerprinting = true
→The window becomes square, but letterboxing…
→ https://wiki.mozilla.org/Security/Fingerprinting
Image by Frans on flickr, CC-BY-NC-ND 2.0
20. TEXT
UPLIFTED! .. WITH OTHER SETUP
▸ Other settings…
▸ Permanent Private Browsing
▸ Extension: NoScript, uBlock Origin, Decentraleyes
▸ Settings below:
- Home: Blank
- Search engine: DuckDuckGo
- Enabled: HTTPS Only Mode (everywhere)
- Disabled: Search suggestions, Safe browsing, OCSP query,
Firefox Data Collection and Use settings,
Spellcheck, DRM, auto updates, extensions/feature
recommendation, breached passwords reminder
Image by Frans on flickr, CC-BY-NC-ND 2.0
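An added example (not from the talk): a small Node.js audit that checks the text of a Firefox profile's prefs.js or user.js against the setup listed above. Only the two privacy.* preference names come from the slides; the other preference names are this example's assumed mapping of the slide items, and the sample profile is constructed.

```javascript
// The two privacy.* names are from the slides; the other pref names are this
// example's assumed mapping of the slide items to Firefox preferences.
const EXPECTED = {
  "privacy.firstparty.isolate": true,            // First Party Isolation
  "privacy.resistFingerprinting": true,          // Resist Fingerprinting
  "browser.privatebrowsing.autostart": true,     // Permanent Private Browsing
  "dom.security.https_only_mode": true,          // HTTPS Only Mode
  "browser.search.suggest.enabled": false,       // Search suggestions
  "browser.safebrowsing.malware.enabled": false, // Safe browsing
  "browser.safebrowsing.phishing.enabled": false,
  "security.OCSP.enabled": 0,                    // OCSP query
};

// Parse user_pref("name", value); lines. Values are JSON-compatible
// literals (true/false, integers, strings); later lines override earlier.
function parsePrefs(text) {
  const prefs = new Map();
  const re = /^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;/gm;
  for (const [, name, raw] of text.matchAll(re)) {
    try { prefs.set(name, JSON.parse(raw)); } catch { prefs.set(name, raw); }
  }
  return prefs;
}

// prefs.js normally records only user-changed values, so an absent pref is
// at its default, which for every entry in EXPECTED is not the wanted value.
function auditPrefs(text, expected = EXPECTED) {
  const prefs = parsePrefs(text);
  const findings = [];
  for (const [name, want] of Object.entries(expected)) {
    const got = prefs.has(name) ? prefs.get(name) : undefined;
    if (got !== want) findings.push({ name, want, got: got ?? "(default)" });
  }
  return findings;
}

// Constructed sample profile: RFP enabled, FPI commented out, OCSP left on.
const SAMPLE = `
// Mozilla User Preferences
user_pref("privacy.resistFingerprinting", true);
// user_pref("privacy.firstparty.isolate", true);
user_pref("dom.security.https_only_mode", true);
user_pref("security.OCSP.enabled", 1);
user_pref("browser.search.suggest.enabled", false);
`;

for (const f of auditPrefs(SAMPLE)) {
  console.log(`${f.name}: want ${f.want}, got ${f.got}`);
}
```

An empty result means every listed preference is explicitly set to the wanted value; the commented-out FPI line in the sample is reported as still at its default.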
21. TEXT
READY TO ENTER THE DARK WORLD?
▸ Does this provide protection equivalent to tor?
Image by Antonino SCIMECA on flickr, CC-BY 2.0
22. TEXT
READY TO ENTER THE DARK WORLD?
▸ Is tor browser strong against fingerprinting?
▸ How does it compare with modern FPI+RFP?
▸ Are ad-blockers and the like unnecessary?
(they even say not to install them)
▸ Let's verify
Image by Tim Cummins on flickr, CC-BY-NC-ND 2.0
23. TEXT
TEST (NON-JS)
▸ Am I Unique?
amiunique.org
▸ Outputs the number of records that match the fingerprint
→Qualitatively, more is better
→Since we are comparing against tor, the same count is the goal