Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.


https://github.com/umutbasal/deprivacy-sandbox

This research aims to break privacy sandbox

cookie privacy-sandbox tracking


# Deprivacy Sandbox

## Introduction

This research aims to break the Privacy Sandbox. It appears that a small number of bits can be extracted with an entropy-based attack, and an unlimited amount with timing attacks. The two techniques can be combined for more effective results.

## Entropy based attack

The first attempt was to abuse `selectURL` and shared state to identify a user across sites, but without luck: a budget mechanism is in place to prevent abuse.

![2 char identifier :d](image.png)

- The latest result is extracting 4 bits of information to local storage by using the navigation budget.

## Time based attack

The entropy-based attack runs into the budget whenever log2(number of URLs) is greater than 0. Because sleep can be run in worklets, time can be used to extract information instead. Passing a single URL means log2(1 URL) = 0, so this method can extract information without any budget constraints.

![Alt text](image-2.png)
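
The budget arithmetic described above, as an added example that is not code from this repository: a simplified ledger that charges log2(number of URLs) bits per selection. The `Ledger` type, the 4-bit budget and the fall-back-to-index-0 behaviour are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"math"
)

// Ledger is a simplified model of an entropy budget (assumption, not browser code).
type Ledger struct {
	Remaining float64 // bits still available
	ZeroCost  int     // calls that were charged nothing
}

// Cost returns the bits one selection among numURLs can reveal: log2(numURLs).
func Cost(numURLs int) float64 {
	if numURLs < 2 {
		return 0
	}
	return math.Log2(float64(numURLs))
}

// Select charges the ledger and returns the index that is honoured.
// Assumption: an unaffordable call falls back to index 0 and is not charged.
func (l *Ledger) Select(numURLs, wanted int) (int, float64) {
	c := Cost(numURLs)
	if c == 0 {
		l.ZeroCost++ // invisible to the budget: nothing to debit
		return 0, 0
	}
	if c > l.Remaining {
		return 0, 0
	}
	l.Remaining -= c
	return wanted, c
}

func main() {
	l := &Ledger{Remaining: 4}   // constructed budget of 4 bits
	fmt.Println(l.Select(16, 9)) // 16 URLs cost 4 bits, budget is now spent
	fmt.Println(l.Select(2, 1))  // even a 1-bit selection is refused
	for i := 0; i < 100; i++ {
		l.Select(1, 0) // single-URL calls are never limited
	}
	fmt.Println(l.Remaining, l.ZeroCost)
}
```

The ledger does not move during the single-URL calls, which is why a budget that counts only URL choices does not bound the time-based channel and a separate control is needed for it.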

## Try

Enable the Privacy Sandbox flags and add `http://localhost:8080` to the site list.

![Alt text](image-1.png)

Run `go run entropy-based/main.go` and `go run time-based/main.go` to see the results.