Here's an easy-to-understand explanation of how Firefox's tracking prevention measure 'State Partitioning' works.



Firefox enhanced its privacy protection features in Firefox 86, released in February 2021, by introducing a new tracking prevention feature called State Partitioning. Mozilla engineer Johann Hofmann explains how State Partitioning works.

Introducing State Partitioning - Mozilla Hacks - the Web developer blog
https://hacks.mozilla.org/2021/02/introducing-state-partitioning/



Websites that embed third-party cookies can track users' behavior even after they leave the site, and analyzing that behavior lets them identify users' interests and display effective advertisements. In recent years, however, such tracking has been regulated or abolished on privacy grounds because it collects excessive personal information.

Mozilla, which develops Firefox, has long worked on mechanisms to prevent user tracking, and Firefox 85, released in January 2021, also introduced a mechanism to prevent tracking by a new method called supercookies.

Regarding 'State Partitioning', the new anti-tracking measure introduced in Firefox 86, Hofmann says that, as a preliminary step, 'First we need to understand how the stateful Web API works.' 'Stateful' means communication that causes a login, and Mozilla positions the stateful Web API as 'an API that stores data such as cookies, sessions, and caches on the device.'

Stateful web APIs were not originally created for tracking, but for sharing some state across multiple web services, whether first-party or third-party.

In the case of tracking with a third-party cookie, the cookie of the website 'www.tracker.com' is embedded as a third-party cookie in the websites 'foo.com' and 'bar.com', and 'www.tracker.com' can then link your activity on both sites by using the cookie as an identifier.



Firefox's Enhanced Tracking Protection (ETP) blocks access to shared state, but ETP blocks based on a list of popular trackers, so unless that list is always up to date and complete, some trackers will not be blocked. In addition, a tracker can evade ETP by registering a new domain name, so the approach inevitably turns into a game of 'cat and mouse'.

State Partitioning was developed by Mozilla to address this issue. State Partitioning is a mechanism that prevents third parties from sharing State without completely blocking cookie access. Shared states such as cookies and localStorage are separated and can only be used on the website that issued each cookie.

To do this, Firefox uses a mechanism called 'Double Keying', which adds information such as 'which page was being viewed' and 'where the cookie was given' to the cookie. This prevents users from being tracked even when they visit different websites that embed the same 'www.tracker.com' third-party cookie, because the cookie on each site is treated as a different cookie.

In Firefox with Double Keying, the foo.com cookie key is saved as 'www.tracker.com ^ www.foo.com' and the bar.com cookie key is saved as 'www.tracker.com ^ bar.com'. As a result, third-party cookies lose their function as trackers that identify individuals.



This mechanism enables a wide range of tracking prevention while using cookies and storage as usual.

On the other hand, using State Partitioning causes the problem that services using third-party cookies, such as single sign-on (SSO), are interrupted.



For this reason, Firefox's State Partitioning leaves state unseparated in specific cases, and the Double Keying function stops when non-separation is enabled. There are two possible cases where Firefox enables non-isolation:

1. When the embedded iframe calls the Storage Access API
2. Judgment by automated heuristics

The Storage Access API is a new JavaScript API proposed by Mozilla to handle 'exceptions' to tracking prevention. For the heuristics, Mozilla has set a policy of allowing storage access in 'the most common scenarios for using third-party storage on the web.' Non-separation is said to take effect when these two cases apply.
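The Double Keying passage and the non-separation exception above can be seen together in a small model. This is an added example, not code from the article or from Mozilla: `CookieStore`, `grantStorageAccess` and `idsSeenByTracker` are hypothetical names, and the store keys on hostnames with the 'embedded ^ top-level' notation the article uses.

```javascript
// Simplified model of a browser cookie store (constructed for illustration;
// not Firefox source code). Keys follow the article's "embedded ^ top-level" form.
class CookieStore {
  constructor({ partitioned }) {
    this.partitioned = partitioned;
    this.jar = new Map();     // storage key -> cookie value
    this.grants = new Set();  // "embedded ^ topLevel" pairs exempt from partitioning
    this.nextId = 1;
  }

  // Models the exemption (Storage Access API call or heuristic decision).
  grantStorageAccess(embedded, topLevel) {
    this.grants.add(`${embedded} ^ ${topLevel}`);
  }

  storageKey(embedded, topLevel) {
    const pair = `${embedded} ^ ${topLevel}`;
    // Double key when partitioned and not exempt; otherwise the embedded host alone.
    return this.partitioned && !this.grants.has(pair) ? pair : embedded;
  }

  // The embedded third party reads its ID cookie, setting one if absent.
  visit(embedded, topLevel) {
    const key = this.storageKey(embedded, topLevel);
    if (!this.jar.has(key)) this.jar.set(key, `uid-${this.nextId++}`);
    return this.jar.get(key);
  }
}

// IDs the embedded party observes as the user browses the given top-level sites.
function idsSeenByTracker(store, embedded, sites) {
  return sites.map((site) => store.visit(embedded, site));
}

const sites = ['www.foo.com', 'bar.com'];
const legacy = new CookieStore({ partitioned: false });
const isolated = new CookieStore({ partitioned: true });
console.log('unpartitioned:', idsSeenByTracker(legacy, 'www.tracker.com', sites));
console.log('partitioned:  ', idsSeenByTracker(isolated, 'www.tracker.com', sites));
console.log('partitioned keys:', [...isolated.jar.keys()]);

// An SSO-style embed (hypothetical host) that has been granted access on both sites.
const sso = new CookieStore({ partitioned: true });
sites.forEach((s) => sso.grantStorageAccess('sso.example', s));
console.log('with grants:  ', idsSeenByTracker(sso, 'sso.example', sites));
```

With partitioning on, the tracker sees a different identifier on each top-level site, while the granted embed sees one identifier on both, which is why the exemption restores SSO and also restores linkability for that party.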

in Software, Posted by logq_fa