'Users can be identified from browsing history of web browser,' Mozilla researchers announced

Researchers at Mozilla, who are developing Firefox for web browsers, have announced that they were able to identify individuals with high accuracy using only their browsing history. It is widely believed that this announcement overturns the idea that anonymized browsing history will not be misused by advertisers of online advertising.

Replication: Why We Still Can't Browse in Peace: On the Uniqueness and Reidentifiability of Web Browsing Histories | USENIX


Mozilla: there is a high probability that your browsing history can be used to identify you-gHacks Tech News

Mozilla research: Browsing histories are unique enough to reliably identify users | ZDNet

Mozilla security researchers Sarah Bird, Ilana Segal, and Martin Lopatka said at a security conference held by UNIX-related research and development organization USENIX on September 1, 2020 We have announced the results of research that makes it possible to identify individuals.


Ash Geeky

Bird's research team pointed out the privacy problem of browsing history (PDF file) In order to investigate further from the 2012 research , we recruited 52,000 Firefox users as experiment participants. We compared the browsing history provided by the participants for one week with the browsing history for the next week, and investigated how accurately the user could be identified.

As a result, the research team succeeded in creating 48,919 user profiles. 99% of these profiles were unique, meaning that they could not be identified because they were not the same. In the survey, the research team gathered browsing history to about 660,000 domains and about 35 million websites, but only a dataset using browsing history to only 50 domains However, he said he was able to identify an individual with about 50% accuracy. Furthermore, the research team reported that the identification rate reached 80% or more when the number of domains was increased to 150.

The research team also pointed out that among the top 10,000 visited sites, Facebook collects access history from 7348 sites and Google's parent company Alphabet reaches 9823 sites. At the end of the paper, he concludes, ' Third-party companies such as Google and Facebook may have achieved nearly the same accuracy rate as our study, which captures all domains visited.'

ZDNet, an IT news site that highlighted the announcement, said, 'Mozilla's findings suggest that analytics companies and online advertisers don't need huge browsing data to track users. Even if the data is anonymized and the user name is deleted or the URL address other than the domain is truncated, only the user's habits and favorite sites will be known, and the identity will be finally revealed. I pointed out.

Ghacks, a technology blog that deals with browser-related news, said, 'We recommend that you make good use of browser protections to diminish the tracking capabilities of third-party companies. For example, disable or limit cookies . , Firefox container function , change privacy settings, regularly delete data, introduce extensions to enhance privacy, etc. However, these methods do not completely eliminate the problem. Perhaps,' he said, saying that complete privacy protection is no longer possible.

in Software,   Security, Posted by log1l_ks