Firefox 85 will improve privacy with network partitioning feature

[Karlston]

Firefox 85 will improve privacy with network partitioning feature

Next month's stable release of Firefox 85 will include the anti-tracking feature networking partitioning to improve user privacy on the Internet. While Firefox is not the first web browser to support network partitioning, that honor goes to Apple and the company's Safari web browser, it is a major improvement as it eliminates tracking techniques that rely on shared cache functionality.

 

Most Internet users are aware of cookies by now and how they may be used to track users across sites. Less known is that other data that is stored locally may also be used to track users. Browsers store all sorts of data besides cookies including HTTP and image files, favicons, fonts and more.

 

 

Up until now, these caches were set to share files, and it makes sense from a performance point of view. Instead of having to download files such as fonts for each site, the browser could simply load it from the cache if the file had been downloaded from another site in the past. Sites could use the information to determine if a user visited another site in the past.

 

Starting in Firefox 85, Firefox will partition network resources to eliminate this form of tracking and probing.

Google introduced support for partitioning the HTTP cache in Chrome 86 stable to prevent snooping and improve security at the same time.

 

Performance may be impacted as it is no longer possible to share resources, e.g. the same font. The browser needs to download the file for each top-level domain separately and that takes longer than loading it from cache. The performance impact depends largely on the sites that are visited; if none use the same resources, then no performance hit should be observed when loading sites.

 

Firefox users who are interested in the feature's development can check out the Meta Bug on the Bugzilla website. Firefox 85 is scheduled to be released on January 26, 2021.

Closing Words

Network partitioning improves a browser's tracking protection by separating the caches that sites may use when they are accessed in the browser. It is a welcome feature, and it appears to be supported by all modern web browsers that are based on Chromium and Firefox.  (via ZDNet)

 

 

Firefox 85 will improve privacy with network partitioning feature

[Karlston]

Firefox continues cracking down on tracking with cache partitioning

Mozilla follows Apple's and Google's leads on partitioning, then one-ups them.

Enlarge / Breaking up the browser cache into separate pools prevents sophisticated timing probes that let one site know whether you're logged in to another.

Mozilla / Jim Salter

94 with 67 posters participating, including story author

Firefox version 85 will be released in January 2021, and one of its features is increased user privacy via improvements in client-side storage (cache) partitioning. This has been widely and incorrectly reported elsewhere as network partitioning, likely due to confusion around the privacy.partition.network state flag in Firefox, which allows advanced users to enable or disable cache partitioning as desired.

What is cache partitioning—and why might I want it?

In a nutshell, cache partitioning is the process of keeping separate cache pools for separate websites, based on the site requesting the resources loaded, rather than simply on the site providing the resources.

 

With a traditional, globally scoped browser cache, you might see behavior like this:

1. user browses to https://coolwebsite.com/
2. many different resources are loaded and cached, including https://coolwebsite.com/logo.jpg
3. user browses to https://shadywebsite.com/
4. in a hidden div, shadywebsite loads https://coolwebsite.com/logo.jpg
5. shadywebsite uses JavaScript elements to time how long the user's browser needs to render logo.jpg
6. Since https://coolwebsite.com/logo.jpg was in cache, it renders in under five milliseconds
7. shadywebsite now knows that the user has recently visited https://coolwebsite.com/—because if logo.jpg hadn't been cached, it would have taken longer to render in-browser.

When using a partitioned cache, the copy of https://coolwebsite.com/logo.jpg that was downloaded and cached when the user visited coolwebsite isn't available when the user visits shadywebsite. Since there's no copy of the file in shadywebsite's site-specific cache pool, logo.jpg must be loaded directly—whether it's in coolwebsite's cache pool or not.

 

This is a very simplistic version of cache timing attacks that take place regularly—more sophisticated attacks may focus on elements that strongly imply a user is currently logged in to an unrelated site, rather than simply having visited it recently.

 

In some cases, the attacking website may even be able to forcibly evict cache records, which can allow it to see how long those records take to reappear, providing even more data about the user's activities.

 

For a more detailed discussion of client-side storage partitioning, see the W3C Privacy Community Group's work item on the topic, at https://github.com/privacycg/storage-partitioning.

What’s the downside to cache partitioning?

There are some Web resources that are legitimately used near-universally across thousands or millions of sites—for example, embedded fonts being delivered from fonts.google.com. With a globally scoped cache, site1.com might embed a copy of the Roboto font from fonts.google.com, and when site2.com through site999.com embed the same font, it can be delivered from the browser cache.

 

Under a partitioned cache, site1.com's copy of Roboto is accessible only to site1.com itself—when the user goes to site938.com, which also embeds Roboto from the same source, it must be downloaded (and cached) separately.

Which resources will be partitioned in Firefox 85?

As reported by ZDNet, the following resources will now be partitioned when privacy.partition.network_state is enabled:

• HTTP cache
• Image cache
• Favicon cache
• Connection pooling
• StyleSheet cache
• DNS
• HTTP authentication
• Alt-Svc
• Speculative connections
• Font cache
• HTTP Strict Transport Security (HSTS)
• Online Certificate Status Protocol (OCSP)
• Intermediate CA cache
• TLS client certificates
• TLS session identifiers
• Prefetch
• Preconnect
• CORS-preflight cache

Although this will be the broadest userdata cache partitioning scheme in production once launched, Mozilla is playing catch-up in deploying one at all. Apple began partitioning Safari's browser cache in 2013 and has continued to partition it further since, and Google partitioned Chrome's HTTP cache beginning with Chrome 86, released in early October.

 

This will leave Microsoft's Internet Explorer and Edge as the last mainstream browsers with globally scoped HTTP cache. Edge will presumably get cache partitioning effectively by default as it rebases on new versions of Chromium in the future.

 

 

Firefox continues cracking down on tracking with cache partitioning