W3C Group Proposed To Safeguard User Agent State Privacy

Posted by timothy
from the dry-title-but-juicy-facts dept.
First time accepted submitter FredAndrews writes "A Private User Agent W3C Community Group has been proposed to tackle the privacy of the web browser by developing technical solutions to close the leaks. Current Javascript APIs are capable of leaking a lot of information as we browse the Internet, such as details of our browser that can be used to identify and track our online presence, and the content on the page (including any private customizations and the effects of extensions), and can monitor and leak our usage on the page such as mouse movements and interactions on the page. This problem is compounded by the increased use of the web browser as a platform for delivering software. While the community ignores the issue, solutions are being developed commercially and patented — we run the risk of ending up unable to have privacy because the solutions are patented. The proposed W3C PUA CG proposes to address the problem with technical solutions at the web browser, such as restricting the back channels available to Javascript, and also by proposing HTML extensions to mitigate lost functionality. Note, this work cannot address the privacy of information that we overtly share, and there are other current W3C initiatives working on this, such as DNT."

  • want to be private (Score:2, Insightful)

    by ozduo (2043408)
    don't visit the internet
    • by hairyfeet (841228)

      Actually what we need is to replace JavaScript. I mean Good Lord the thing was designed in an earlier and frankly more naive age, they even named it after Java because Java was supposed to be the "next new thing" and they wanted to ride the buzz. It was just never designed for security and with more and more crap bolted to it to allow webapps it just gets worse every year. Heck, block all ads and watch the malware drop, the design just isn't very good for today's threats.

      No what we need is a new language d

  • by Taco Cowboy (5327) on Saturday September 22, 2012 @08:40PM (#41424855) Journal

    The patent system was set up to encourage more people to invent new stuff - by protecting the interest of the inventor.

    It was never intended for the restriction of the rights of others to protect themselves.

    The use of patent in the solutions as outlined by TFA is another clear cut example of the abuse of the patent system.

    I do not know how much more the world must suffer before the power that be wakes up to the fact that the patent system is hopelessly broken.

    Overhaul the patent system now !

    • Do away with the patent system.
      Get rid of copyright while you're at it.
      • by causality (777677) on Saturday September 22, 2012 @09:08PM (#41425035)

        Do away with the patent system. Get rid of copyright while you're at it.

        A non-renewable copyright of five to ten years, which is valid only if owned by a natural (living, breathing, non-corporate) person, and becomes fully public domain at expiration... that might not be such a bad thing.

        • by james_gnz (663440) on Saturday September 22, 2012 @09:34PM (#41425151)

          The costs of patent litigation exceed their investment value in all industries except chemistry and pharmaceuticals.
          Bessen, James & Meurer, Michael J. (2008) Patent Failure. Princeton University Press.
          So it would make sense to abolish patents in all other areas.

          The economically optimal copyright length, assuming a single flat term, is slightly less than 15 years
          Pollock, Rufus (2009) Forever Minus a Day? Calculating Optimal Copyright Term.
          I think it might be better to have a shorter copyright term followed by a further copyleft term though.

          • by causality (777677)

            I think it might be better to have a shorter copyright term followed by a further copyleft term though.

            That's a damned good idea. Can't say I have much more to add.

          • by KiloByte (825081)

            Considering the effect of patents on drug availability, pushing worse drugs just because the old one's patent expired, and so on, I'd say: let's abolish patents ESPECIALLY on pharmaceuticals.

            • pushing worse drugs just because the old one's patent expired

              In these cases, is the new drug really worse most of the time? If I recall correctly, the patent on fexofenadine (Allegra) came into being as its precursor terfenadine (Seldane), but it turned out that fexofenadine was so much safer than terfenadine that fexofenadine eventually wound up going over the counter. At worst, from what I've seen, the new drug is neither better nor worse, such as loratadine (Claritin) to its active metabolite desloratadine (Clarinex) or racemic omeprazole (Prilosec) to esomeprazol

        • Copyright is a stupid idea. It tries to create scarcity out of non-scarce things. Attempting to apply property law to things that are not scarce will always create more problems than it solves.

          There should be laws against fraud. For example, you can't claim that you wrote a book that someone else wrote, but the book itself should be able to be read, published, and redistributed by anyone.
          • by flimflammer (956759) on Sunday September 23, 2012 @01:10AM (#41426011)

            Who the hell cares who wrote the book at that point? Some people seriously don't think about the consequences of a no copyright no patent environment. If there was absolutely no copyright or patents, the moment someone low in the food chain comes up with something, he can't do anything with it without risking losing it forever. What the hell incentive does he have to do anything with it? What the hell reason does anyone have to invest in R&D when someone can just jump in and take the final result and run with it? Do you think we as a people will seriously go "Well they came up with it first, so I'm going to buy their product" when the competitor is offering the same thing at a drastically lower price since they don't have the price of the past R&D to consider?

            Yes, patents are abused and the system is currently absurd. Yes, copyright is abused and the system is currently absurd. (90+ year terms? Come on now.) But removing the systems completely instead of making them better makes no goddamn sense.

            • If there was absolutely no copyright or patents, the moment someone low in the food chain comes up with something, he can't do anything with it without risking losing it forever. What the hell incentive does he have to do anything with it?

              Exactly the same incentives that people had to create in the thousands of years before copyright and patents existed? "Intellectual property" doesn't protect the author of creative works, who may very well create it and keep it secret or limited to a small audience. The advan

          • by Genda (560240)

            And the author whose fine work you're enjoying is remunerated how?

            • Re: (Score:2, Insightful)

              by Decker-Mage (782424)
              Actually it's being demonstrated all the time with authors having freely downloadable books online yet people pay for them anyway to support their favorite authors. Toss in KickStarter and the like, music groups similarly getting paid for limited performances, etc. It's been shown time and again that the gatekeepers are exactly that, people supposedly with the knowledge to select the anointed and we pay for the privilege of supporting them in that role. Well, it isn't the middle ages nor the industrial
              • by Genda (560240)

                Don't get me wrong, I applaud both your logic and your integrity... the only fly in the ointment is the cheesy lot that think something for nothing is a gawd given right. You can only have beautiful things by investing in them. It is a wise man who knows upon which side his bread is buttered. You speak of scarcity, if nothing else in this culture is scarce, it would be wisdom.

    • by causality (777677)

      I do not know how much more the world must suffer before the power that be wakes up to the fact that the patent system is hopelessly broken.

      They are quite awake to it. Being awake and aware of the situation, they (the monied interests who make the important decisions) realized long ago that the current broken-ness serves their interests.

      It is only the little guys, the nobodies like you and I, who might want to protect ourselves using techniques that never should have been patentable. Everyone else either collects a check or purchases a license for a trivial, infinitesimal portion of their net worth.

    • by manu0601 (2221348)

      I do not know how much more the world must suffer before the power that be wakes up to the fact that the patent system is hopelessly broken.

      In most countries, the political parties able to govern serve the interests of the wealthier. Patents as a tool to defend against challengers are good for them. Nothing can change without more power to the people, which is really not an easy problem to solve. The Referendum d'Initiative Populaire is a solution, but there are not many countries where this exists.

  • Note, this work cannot address the privacy of information that we overtly share

    Why do so many people feel an irresistible urge to disclaim claims that were never made?

    It's a form of dumbing things down.

    • The word 'privacy' is quite loaded and is used in a lot of other contexts. The PUA CG is proposed to have a narrow scope so it can efficiently address the privacy of the web browser state. The W3C already has other forums to develop other areas of privacy and they are welcome to it.
      • by causality (777677)

        The word 'privacy' is quite loaded and is used in a lot of other contexts. The PUA CG is proposed to have a narrow scope so it can efficiently address the privacy of the web browser state. The W3C already has other forums to develop other areas of privacy and they are welcome to it.

        The second and third sentences go together. The first has nothing to do with them.

        Anyone who reads that summary and comprehends what they read would know that no claim to solve ALL privacy issues of every sort was made. Only a particular subset of a particular nature is being claimed.

        If they did not comprehend what they read, the actual writing needs to cater to those who did. Only under these circumstances does the person who did not understand change into the person who does. Dumbing everything

  • by EdIII (1114411) on Saturday September 22, 2012 @09:20PM (#41425091)

    The proposed W3C PUA CG proposes to address the problem with technical solutions at the web browser, such as restricting the back channels available to Javascript, and also by proposing HTML extensions to mitigate lost functionality.

    In other words, we are going to break functionality used in just about every website out there, especially SAAS platforms that depend on it for delivering software.

    That's okay though, because we are going to replace that functionality with HTML extension. You have tens of thousands of dollars to pump back into software development right?

    Sheesh. I get where they are coming from, but man does it suck for people actually trying to develop and deliver complex platforms with web browsers as front ends.

    • by Anonymous Coward

      In other words, we are going to break functionality used in just about every website out there, especially SAAS platforms that depend on it for delivering software.

      Those Software as a "Service" platforms can write their own damn clients. Or (heaven forbid) deliver a local executable and quit relying on subscription models and holding their customers' data hostage.

      • Re:Translation... (Score:4, Interesting)

        by EdIII (1114411) on Saturday September 22, 2012 @11:04PM (#41425535)

        Ohhh, yeah, sure. It's just that simple. Write a client.

        There is a *reason* why a web browser is used:

        - Cross platform. Linux, Mac, Windows, embedded whatever.
        - No development costs directly associated with the client.
        - Upgrades are instantaneous. CTRL-F5 effectively reloads all the software for a site.
        - For some use cases it means a significantly cheaper interface to business platforms. No expensive licenses client side, or maintenance costs for a fat client.
        - For some use cases, it does not mean SAAS. It could be an internal, proprietary, business platform delivered through a web interface only.
        - For some use cases, it could mean greatly enhanced security as you have an internal website that services all interactions with customer data. No direct access to back end data is even possible.

        Subscription models make perfect sense in some cases. Your rather simplistic rant about those fees completely ignores the fact that for businesses it often makes financial sense. In order to run your own platform you need to:

        - Absorb 100% of the costs of development.
        - Absorb 100% of the costs of maintenance, which includes keeping software engineers on staff who designed it.
        - Absorb 100% of the costs of operating the platform. Includes servers, bandwidth, software licenses, etc.

        I'm sure there are other costs and caveats I am not mentioning too.

        I've looked into some very expensive SAAS platforms (30k per month subscription fee). I can tell you it actually made sense. To develop that platform would have taken me a team of developers and minimum 18 months to deliver. I have no doubt that I could have pulled it off, but in the end it would have cost more than the fees and required almost the subscription fee per month just to keep some of the developers on staff to maintain it, and continue to develop features we may need in the future.

        Holding customer's data hostage? That only happens if you're an idiot. Have a very well spelled out legal contract, and make nightly incremental backups of your data. Some of the SAAS providers I have worked with set up an rsync of our data to our own servers. We back that up incrementally as well.

        So where is the data being held hostage? It's not. What you are held hostage to is the platform. That is going to be true whether the platform exists some place else, or is a local executable on a local server in your company. That you are not always going to be able to get around very quickly. Switching business platforms is not something one just does for the heck of it.

        Things shift around of course, but right now local clients that connect to business platforms are going the way of the dinosaur. Honestly, why even do it at all? Does not a standardized client that runs across multiple platforms not make sense to you at all? It happens to be a web browser right now, and in a more limited fashion Java, but it makes perfect sense to have one. Perhaps that is why SAAS has been taking off so fast. You know... the benefits to the end users.

    • by BenoitRen (998927)

      If it breaks functionality then the website was badly coded. No website should require JavaScript. It should degrade gracefully.

      • by EdIII (1114411)

        Seriously?

        You're trying to tell me you can develop a SAAS platform without Javascript? Don't tell me something ridiculous like use Flash instead either, or write one big massive Java applet.

        It's impossible. You can't have a HTML only website do anything remotely like a Javascript website. Sure, you might be able to cause the page to continuously reload to have a real time updated chart for call volume on a call center, but it will look clunky and crappy doing it.

        That's what it really comes down to. We c

        • by BenoitRen (998927)

          Not all web applications need real-time updates. If one does and JavaScript is disabled, it should still be possible to reload the page to get recent data. That's graceful degradation. JavaScript is meant to be a convenience, not the sole way to do something.

          I have actually developed a web application for a company and I made sure that everything still worked without JavaScript. It works very well.

  • by Skapare (16644) on Saturday September 22, 2012 @09:37PM (#41425159) Homepage

    Browsers had a lot of bad things done in them over the years. These should just be removed. Start with the Referer (regardless of spelling) field. If the domain is different, don't transmit it. Of course this only scratches the surface. When the user visits another domain, launch a whole new browser in a separate process. Also, do not expose data to a page's client side code about things like navigation to other pages when they are done in different tabs or windows. And when returning the view back to a previously viewed page, just view the previous contents ... do NOT reload the page. The only time a page should be reloaded is when the user navigates to it via a link, or presses reload, or the client code for that page requests reloading only itself or a page in the same directory.

    Yeah, they can break a lot of functionality that dumb web developers came to depend on. But these are things that never should have been there to begin with.

  • by Anonymous Coward
    W3C has a lot of members and receives a lot of funding by people who don't want the users to have too much control over their privacy.
  • by Penurious Penguin (2687307) on Saturday September 22, 2012 @10:00PM (#41425259) Homepage Journal
    First, http://www.techdirt.com/articles/20120920/23570020453/when-even-hilarious-web-comic-artists-are-mocking-insanity-patent-system.shtml [techdirt.com]

    Admitting my primitive understanding of this subject, I have some questions: Is sandboxing undervalued? Is sending all cache to unique directories that can only be read by the source they were created for practical? Would generating random or shared generic user-agent data for each domain for each encounter have any effect? I have taken simple privacy measures like chmod 400 ~/.macromedia and ~/.adobe; installing noscript, flashblock; bloating /etc/hosts with loopback redirects, thrashed around in about:config, piously used bleachbit, etc.-- but I guess there are still kissmetrics and other mysterious things to deal with.

    I remember trying the EFF's panopticlick [eff.org], which tests your browser for its unique fingerprint. I was a little surprised at the results. What does something like the time-stamp mean for anonymity? How many people in the world have identical installation times and zip-codes, etc.? Why does this and other data need to be there as it is?

    I get confused when contemplating why such promiscuous features are included in browsers in the first place. Are we simply using stupid browsers? Would creating a secure browser break its functionality? I know noscript can be a pain in the ass. What really confuses me is why a browser would store persistent cookies and other data -- after being deleted -- unless it was built to do so. If so, then why? If not, then why? When I start a browser from a fresh install or USB, it works just fine. If I reboot and do it again, it continues to work fine. Why the persistent data?

    Finally, it should be alarming in itself that so much knowledge is required now to have even a measure of privacy. Those who understand, often take their knowledge for granted. But even for someone practically living and working in the web, it is not an overly simple subject. Is privacy an esoteric delusion, or is it an esoteric reality?
    • by Anonymous Coward

      I am afraid privacy has always been a delusion. First however one must realize that while privacy is an interesting notion as long as humanity has been a structure of highly ordered and inter-networked collaboratives privacy has been a farce. From the town gossip of yore to the dealings of the FBI on the phone today, society has always had a penchant for encroaching on the privacy of others. With modern technology and data harvesting we can expect more erosions of in the future. We do live in scary times, b

      • I don't accept that privacy is an all or nothing matter. Why not try and close some obvious invasions of privacy.
  • how do I tell which button you clicked?
    • Through a navigation request or form submission request, or you can send me Javascript to handle the button click on the UA and it will be run in a context that has no access to back channels, or it may be that the button press is intentional enough that it could be passed to a Javascript context that has no access to the UA state but can proxy the event back to your server and then forward an update from your server back to the private UA context. Keep in mind that this is a proposed group to work on the
  • by jd (1658) <imipak @ y a h o o .com> on Sunday September 23, 2012 @01:49AM (#41426197) Homepage Journal

    The browser string helps to identify if the browser can perform certain functions. So send a string that specifies "server-visible capabilities" (ie: what the user wants the server to know about the capabilities of the browser) instead. Then no browser, OS or other potential privacy loopholes exist.

    But what if you don't want the server to know anything? That's the point about sending a capabilities string. If you don't want to specify, there's no need to. Having said that, setting a bit that indicates "HTML 4.01-compliant" is not revealing anything terribly informative to anyone, since that's going to be true of 99% of user agents at this point. Which means you're not part of the 1%, but that's about it.

    HTML 5 is the only awkweird one, as you'd have to have a bit for some generally-agreed group of functions, since there's no fixed standard. (IIRC, that's going to switch to having a "rolling development branch" and fixed "stable snapshots", but for now there's no stable spec you can identify with a simple flag.)

    True, some browsers implement subsets (and/or extensions to) approved standards, but frankly the headache for developers is to support those kinds of freaks. A fixed list of supported standards you can switch between is really what you want. Special cases for every browser make for something that is unmaintainable, as anyone who has developed a web app can tell you. Freak cases really should be reduced to "nearest available standard" where at all possible.

    This satisfies all the requirements of the server, for behaving correctly on multiple browsers, without giving anything away that could be misused.

    Furthermore, since I'm saying the capabilities string is a bunch of flags, you can specify masks per site or site grouping if you want to conceal some information from some servers. (This makes user tracking via the agent impossible, since the agent can now vary and there's fine-grained control over how it varies.) Not a million miles from how security is handled in every other case.
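
The per-site masking described in the comment above, sketched as an added example that is not part of the original post. The flag names, bit layout, policy table and hex encoding are all assumptions made for illustration; the comment proposes no concrete format.

```javascript
'use strict';

// Hypothetical capability bits; the comment names no concrete layout.
const CAP = Object.freeze({
  HTML401: 1 << 0,
  CSS21: 1 << 1,
  ES5: 1 << 2,
  HTML5_GROUP_A: 1 << 3, // stands in for an "agreed group" of HTML5 functions
});

// What this user agent actually supports (constructed sample).
const SUPPORTED = CAP.HTML401 | CAP.CSS21 | CAP.ES5 | CAP.HTML5_GROUP_A;

// Per-site masks chosen by the user (constructed sample). '*' is the default.
const POLICY = new Map([
  ['*', CAP.HTML401],
  ['example.com', CAP.HTML401 | CAP.CSS21 | CAP.ES5],
  ['apps.example.com', SUPPORTED],
  ['tracker.example', 0],
]);

// Return the mask of the longest policy entry that equals the host or is a
// parent domain of it. Matching is on whole labels, so "notexample.com"
// never inherits the entry for "example.com".
function maskFor(host, policy) {
  const labels = host.toLowerCase().replace(/\.$/, '').split('.');
  for (let i = 0; i < labels.length; i++) {
    const candidate = labels.slice(i).join('.');
    if (policy.has(candidate)) return policy.get(candidate);
  }
  return policy.has('*') ? policy.get('*') : 0;
}

// Capabilities a given server is allowed to see.
function visibleCapabilities(host, supported, policy) {
  return supported & maskFor(host, policy);
}

// Wire form of the flags: fixed-width lowercase hex (an assumed encoding).
function encodeCapabilities(flags) {
  return (flags >>> 0).toString(16).padStart(2, '0');
}

// Upper bound on what the field can reveal to a site: one bit per flag the
// mask lets through, i.e. at most 2^n distinguishable values.
function maxIdentifyingBits(mask) {
  let bits = 0;
  for (let m = mask >>> 0; m !== 0; m &= m - 1) bits++;
  return bits;
}

for (const host of ['www.example.com', 'apps.example.com',
                    'cdn.tracker.example', 'notexample.com']) {
  const flags = visibleCapabilities(host, SUPPORTED, POLICY);
  console.log(host, encodeCapabilities(flags),
              'max bits:', maxIdentifyingBits(maskFor(host, POLICY)));
}
```

The bit count is a ceiling on what this one field contributes to a fingerprint; anything else the browser sends or exposes is outside what the mask controls.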

  • This new fixation on privacy becomes absurd. I hope that the commenters are not a representative subset of the population, even here on Slashdot. Do you recognize that complete privacy on the Internet means complete anarchy?

    Do you recognize how small privacy you have when you step out of your home? You become uniquely identifiable immediately.

    In a small town everybody will know me by my face. Oh my god, how can we live in such a rude world? I should put a sack on my head. But no, my shoes identify me to

    • Personal computers have traditionally been a private space and the Internet has not been 'complete anarchy' so you are simply wrong. Simply because the web browser is becoming a platform for delivering applications should in no way make the personal computer open to the covert sharing of its state. I understand that 'privacy' is a loaded word and perhaps you have misunderstood the intention of this group - 'complete privacy on the Internet' is certainly way out of its scope as is discussion about privacy
      • by dshk (838175)

        I work for a site with about 1 million monthly visitors. I know from experience that 1-3% of the visitors are notorious troublemakers and they do ruin the online life of the other 99% if they are not controlled. This is a continuous fight, they put huge efforts into evading our rules and we also spend huge effort into stopping them. For example we know about a user who spent about 2 months working on a software tool. I am not talking about hacking, that is another front. And this is a mostly free service, n

    • by BenoitRen (998927)

      Hyperbole much? In real life there aren't tons of ad agencies tracking your every movement. Your comparison is ridiculous.

      • by dshk (838175)
        I like that I get targeted advertisement instead of random advertisement recently. (There is still place to enhance them though, I frequently get ads about products I already bought or services I already use.) Targeted ads are better for all participants, internet industry and visitors too. The only participant which does not like advancements in advertising is Microsoft - for obvious reasons. Have you ever been hurt by a targeted ad?
