Slide 1
Slide 1 text
Chromium൛Microsoft Edgeͷ
Tracking Preventionػೳ
Slide 2
Slide 2 text
• Shingo Yamazaki
• Cybozu, Inc.
About me
zaki-yama
zaki___yama
Slide 3
Slide 3 text
• PWA Night vol.13 ʙWebϒϥβ࠷લઢʙ
ͱ͍͏ΠϕϯτͰ͓͢Δ༧ఆͩͬͨ༰ͷ
Ұ෦Ͱ͢
• Chromium൛MS Edgeʹ͍ͭͯҎલϒϩάʹ
·ͱΊͨ༰ͷ͏ͪɺTracking Preventionʹ
͍ͭͯ·ͱΊͨ͠ͷ
͜ͷεϥΠυʹ͍ͭͯ
Slide 4
Slide 4 text
Tracking PreventionҎ֎ͷใ
ϒϩάΛ͝ࢀর͍ͩ͘͞
ɹɾϩʔϧΞτܭը
ɹɾ*&Ϟʔυ
ɹɾ$PMMFDUJPOTػೳ
ɹFUD
https://dackdive.hateblo.jp/entry/2020/02/06/090000
Slide 5
Slide 5 text
ओͳใݯ
20196݄ͷهࣄ
ػೳͷ֓ཁհ
201910݄ͷهࣄ
Ξοϓσʔτ༰
Slide 6
Slide 6 text
Tracking Prevention ͱ
ͳʹ͔
Slide 7
Slide 7 text
ઃఆ > ϓϥΠόγʔͱαʔϏε
Slide 8
Slide 8 text
• จࣈ௨Γ”τϥοΩϯάࢭػೳ”
• τϥοΧʔαΠτ͕ɺϢʔβʔͷࣝผ͓Αͼߦಈͷͨ
ΊʹϒϥβʹใΛอଘ͠Α͏ͱ͢ΔͷΛࢭ͢Δػೳ
• ଟ͘๚ͨ͠αΠτͦͷͷͰͳ͘ɺͦͷαΠτͰ
ಡΈࠐΜͰ͍ΔผυϝΠϯͷϦιʔε
• جຊ/όϥϯε/ߴϨϕϧɹͷ3ͭͷϨϕϧ͕ఏڙ͞Ε͓ͯ
ΓɺσϑΥϧτ “όϥϯε”
Tracking Prevention
Slide 9
Slide 9 text
Tracking Prevention͕ߦ͏͜ͱ
3FTUSJDU
TUPSBHF
BDDFTT
#MPDL
SFTPVSDF
MPBET
Slide 10
Slide 10 text
τϥοΧʔͱఆ͞ΕͨαΠτ͔ΒಡΈࠐΜͩϦιʔε͕ɺετϨʔδʹ
ΞΫηε͢ΔͷΛϒϩοΫ͢Δ
1. Restrict storage access
BDPN
USBDLFSDPN USBDLFSDPN4FSWFS
$PPLJFͷอଘ
MPDBM4UPSBHFͷΞΫηε
FUD
Slide 11
Slide 11 text
τϥοΧʔͱఆ͞ΕͨαΠτͷϦιʔεΛͦͦಡΈࠐ·ͳ͍
(“we may block that load before the request reaches the network”)
2. Block resource loads
BDPN
USBDLFSDPN USBDLFSDPN4FSWFS
Slide 12
Slide 12 text
Tracking Preventionͷྫ
Slide 13
Slide 13 text
ΞυϨεόʔͷ伴ΞΠίϯ͔Β
֬ೝͰ͖Δ
Slide 14
Slide 14 text
Tracking Preventionͷ
͘͠Έ
Slide 15
Slide 15 text
ෳͷ͘͠ΈΛΈ߹Θ࣮ͤͯݱ͍ͯ͠Δ
Ͳ͏͍͏͘͠Έʁ
$MBTTJpDBUJPO
4JUF
FOHBHFNFOU
0SHBOJ[BUJPOT
Slide 16
Slide 16 text
• ͋ΔυϝΠϯ͕
• τϥοΧʔ͔Ͳ͏͔
• Ͳ͏͍͏ΧςΰϦͷτϥοΧʔ͔
• Λྨ͢Δ͘͠Έ
• ެࣜϒϩάʹΑΔͱɺDisconnectࣾͷϦετΛ༻͍ͯ͠ΔΒ͠
͍
1. Classification
Slide 17
Slide 17 text
https://blogs.windows.com/msedgedev/2019/12/03/improving-tracking-prevention-microsoft-edge-79/
Slide 18
Slide 18 text
…
https://disconnect.me/trackerprotection#categories-of-trackers
Slide 19
Slide 19 text
• ϒϩοΫ͢ΔΧςΰϦʔΛ૿ͤ૿͢΄Ͳ҆શʹ
ͳΔ͕ɺຊདྷϒϩοΫ͖͢Ͱͳ͍ͷ·Ͱϒϩο
Ϋͯ͠αΠτͷಈ͖Λյͯ͠͠·͏ͱ͍͏τϨʔυΦ
ϑ
• “such as federated login or embedded social
media content.”
• →੍ݶΛ؇͢ΔͨΊͷผͷ͘͠Έͱͯ͠23͕͋Δ
1. Classification
Slide 20
Slide 20 text
• αΠτʹର͢ΔϢʔβʔͷΤϯήʔδϝϯτΛɺϢʔβʔͷߦಈΛ
ݩʹείΞϦϯά͢Δ͘͠Έ
• ϢʔβʔͷߦಈɿαΠτͷӾཡճɾࡏ࣌ؒɾϝσΟΞͷ࠶ੜ
ͳͲ
• 0 ʙ 100Ͱߴ͍΄ͲΤϯήʔδϝϯτߴ
• ܭࢉϩʔΧϧʹͷΈอଘ͞ΕΔʢͷͰɺؒͰಉظ͠ͳ
͍ʣ
• edge://site-engagement ͔ΒݱࡏͷείΞΛ֬ೝͰ͖Δ
2. Site engagement
Slide 21
Slide 21 text
edge://site-engagement ͷྫ
Slide 22
Slide 22 text
• ͋Δ৫͕ෳͷυϝΠϯ͔ΒίϯςϯπΛ৴͍ͯ͠Δ
߹ɺޡఆͯ͠Ұ෦ͷυϝΠϯͷϦιʔεΛϒϩοΫ͠ͳ
͍ͨΊͷ͘͠Έ
• ෳͷυϝΠϯΛOrganizationͱ͍͏୯ҐͰ෦Ͱάϧʔϐ
ϯά͓ͯ͘͠
• ͍ͣΕ͔ͷυϝΠϯͷSite Engagement͕͖͍͠Ҏ্Ͱ͋
ΕɺυϝΠϯΛ·͙ͨϦιʔεಡΈࠐΈͷ੍ݶΛ؇͢Δ
3. Organizations
Slide 23
Slide 23 text
͋Δ৫͕ org1.com ͱ org1-cdn.com ͱ͍͏υϝΠϯΛอ༗͍ͯ͠Δ
Organizationsͷྫ
PSHDPN
PSHDEODPN
PSHDEODPN4FSWFS
$PPLJFͷอଘ
MPDBM4UPSBHFͷΞΫηε
FUD
PSHDPN4FSWFS
Slide 24
Slide 24 text
Edge͕ org1.com ͱ org1-cdn.com ΛಉҰOrganizationͱఆ͍ͯͯ͠ɺ
͍ͣΕ͔ͷυϝΠϯʹର͢ΔSite Engagement͕͖͍͠Ҏ্Ͱ͋Ε
υϝΠϯΛ·͙ͨϦιʔεಡΈࠐΈͷ੍ݶ؇͞ΕΔ
Organizationsͷྫ
PSHDPN
PSHDEODPN
PSHDEODPN4FSWFS
PSHDPN4FSWFS
Slide 25
Slide 25 text
ಉҰOrganization͡Όͳͯ͘
Site engagement͕͖͍͠Λ͍͑ͯΕ
Ұ࣌తʹڐՄ͞ΕΔʁ
https://blogs.windows.com/msedgedev/2019/12/03/improving-tracking-prevention-microsoft-edge-79/
Slide 26
Slide 26 text
3ͭͷϨϕϧʹΑΔҧ͍
Slide 27
Slide 27 text
https://blogs.windows.com/msedgedev/2019/12/03/improving-tracking-prevention-microsoft-edge-79/
Slide 28
Slide 28 text
https://blogs.windows.com/msedgedev/2019/12/03/improving-tracking-prevention-microsoft-edge-79/
$MBTTJpDBUJPOͰྨ͞Εͨ
τϥοΧʔͷΧςΰϦ
Slide 29
Slide 29 text
https://blogs.windows.com/msedgedev/2019/12/03/improving-tracking-prevention-microsoft-edge-79/
4TUPSBHFBDDFTTΛϒϩοΫ
#TUPSBHFBDDFTTSFTPVSDFMPBETϒϩοΫ
ϒϩοΫͳ͠
Slide 30
Slide 30 text
https://blogs.windows.com/msedgedev/2019/12/03/improving-tracking-prevention-microsoft-edge-79/
ͨͱ͑ɺ&EHF࣌Ͱ
"OBMZUJDTΧςΰϦʔͷτϥοΧʔ
ɾʮόϥϯε #BMBODFE
ʯͩͱϒϩοΫͳ͠
ɾʮߴϨϕϧ 4USJDU
ʯͩͱTUPSBHFBDDFTTͷϒϩοΫ͋Γ
Slide 31
Slide 31 text
·ͱΊ
Slide 32
Slide 32 text
• ৽͍͠ChromiumϕʔεͷEdgeʹɺτϥο
ΩϯάΛࢭ͢Δػೳ͕උΘ͍ͬͯΔ
• ʮϒϥοΫϦετΛͬͯػցతʹϒϩοΫ
͢Δʯ͘͠ΈͱʮϢʔβʔͷૢ࡞ͳͲͷίϯ
ςΩετΛՃຯͯ͠దٓ؇͢Δʯ͘͠ΈͰ
͏·͘όϥϯεΛऔΖ͏ͱ͍ͯ͠Δҹ
·ͱΊ