Slide 1

Slide 1 text

Chromium൛Microsoft Edgeͷ Tracking Preventionػೳ

Slide 2

Slide 2 text

• Shingo Yamazaki • Cybozu, Inc. About me zaki-yama zaki___yama

Slide 3

Slide 3 text

• PWA Night vol.13 ʙWebϒϥ΢β࠷લઢʙ ͱ͍͏ΠϕϯτͰ͓࿩͢Δ༧ఆͩͬͨ಺༰ͷ Ұ෦Ͱ͢ • Chromium൛MS Edgeʹ͍ͭͯҎલϒϩάʹ ·ͱΊͨ಺༰ͷ͏ͪɺTracking Preventionʹ ͍ͭͯ·ͱΊ௚ͨ͠΋ͷ ͜ͷεϥΠυʹ͍ͭͯ

Slide 4

Slide 4 text

Tracking PreventionҎ֎ͷ৘ใ͸ ϒϩάΛ͝ࢀর͍ͩ͘͞ ɹɾϩʔϧΞ΢τܭը ɹɾ*&Ϟʔυ ɹɾ$PMMFDUJPOTػೳ ɹFUD https://dackdive.hateblo.jp/entry/2020/02/06/090000

Slide 5

Slide 5 text

ओͳ৘ใݯ 2019೥6݄ͷهࣄ ػೳͷ֓ཁ঺հ 2019೥10݄ͷهࣄ Ξοϓσʔτ಺༰

Slide 6

Slide 6 text

Tracking Prevention ͱ͸ ͳʹ͔

Slide 7

Slide 7 text

ઃఆ > ϓϥΠόγʔͱαʔϏε

Slide 8

Slide 8 text

• จࣈ௨Γ”τϥοΩϯά๷ࢭػೳ” • τϥοΧʔαΠτ͕ɺϢʔβʔͷࣝผ͓Αͼߦಈ௥੻ͷͨ Ίʹϒϥ΢βʹ৘ใΛอଘ͠Α͏ͱ͢ΔͷΛ๷ࢭ͢Δػೳ • ଟ͘͸๚໰ͨ͠αΠτͦͷ΋ͷͰ͸ͳ͘ɺͦͷαΠτͰ ಡΈࠐΜͰ͍ΔผυϝΠϯͷϦιʔε • جຊ/όϥϯε/ߴϨϕϧɹͷ3ͭͷϨϕϧ͕ఏڙ͞Ε͓ͯ ΓɺσϑΥϧτ͸ “όϥϯε” Tracking Prevention

Slide 9

Slide 9 text

Tracking Prevention͕ߦ͏͜ͱ 3FTUSJDU TUPSBHF BDDFTT #MPDL SFTPVSDF MPBET

Slide 10

Slide 10 text

τϥοΧʔͱ൑ఆ͞ΕͨαΠτ͔ΒಡΈࠐΜͩϦιʔε͕ɺετϨʔδʹ ΞΫηε͢ΔͷΛϒϩοΫ͢Δ 1. Restrict storage access BDPN USBDLFSDPN USBDLFSDPN4FSWFS $PPLJFͷอଘ MPDBM4UPSBHF΁ͷΞΫηε FUD

Slide 11

Slide 11 text

τϥοΧʔͱ൑ఆ͞ΕͨαΠτͷϦιʔεΛͦ΋ͦ΋ಡΈࠐ·ͳ͍
 (“we may block that load before the request reaches the network”) 2. Block resource loads BDPN USBDLFSDPN USBDLFSDPN4FSWFS

Slide 12

Slide 12 text

Tracking Preventionͷྫ

Slide 13

Slide 13 text

ΞυϨεόʔͷ伴ΞΠίϯ͔Β ֬ೝͰ͖Δ

Slide 14

Slide 14 text

Tracking Preventionͷ ͘͠Έ

Slide 15

Slide 15 text

ෳ਺ͷ͘͠ΈΛ૊Έ߹Θ࣮ͤͯݱ͍ͯ͠Δ Ͳ͏͍͏͘͠Έʁ $MBTTJpDBUJPO 4JUF FOHBHFNFOU 0SHBOJ[BUJPOT

Slide 16

Slide 16 text

• ͋ΔυϝΠϯ͕ • τϥοΧʔ͔Ͳ͏͔ • Ͳ͏͍͏ΧςΰϦͷτϥοΧʔ͔ • Λ෼ྨ͢Δ͘͠Έ • ެࣜϒϩάʹΑΔͱɺDisconnectࣾͷϦετΛ࢖༻͍ͯ͠ΔΒ͠ ͍ 1. Classification

Slide 17

Slide 17 text

https://blogs.windows.com/msedgedev/2019/12/03/improving-tracking-prevention-microsoft-edge-79/

Slide 18

Slide 18 text

… https://disconnect.me/trackerprotection#categories-of-trackers

Slide 19

Slide 19 text

• ϒϩοΫ͢ΔΧςΰϦʔΛ૿΍ͤ͹૿΍͢΄Ͳ҆શʹ ͸ͳΔ͕ɺຊདྷϒϩοΫ͢΂͖Ͱͳ͍΋ͷ·Ͱϒϩο Ϋͯ͠αΠτͷಈ͖Λյͯ͠͠·͏ͱ͍͏τϨʔυΦ ϑ • “such as federated login or embedded social media content.” • →੍ݶΛ؇࿨͢ΔͨΊͷผͷ͘͠Έͱͯ͠2΍3͕͋Δ 1. Classification

Slide 20

Slide 20 text

• αΠτʹର͢ΔϢʔβʔͷΤϯήʔδϝϯτΛɺϢʔβʔͷߦಈΛ ݩʹείΞϦϯά͢Δ͘͠Έ • ϢʔβʔͷߦಈɿαΠτͷӾཡճ਺ɾ଺ࡏ࣌ؒɾϝσΟΞͷ࠶ੜ ͳͲ • 0 ʙ 100఺Ͱߴ͍΄ͲΤϯήʔδϝϯτߴ • ܭࢉ͸୺຤ϩʔΧϧʹͷΈอଘ͞ΕΔʢͷͰɺ୺຤ؒͰಉظ͸͠ͳ ͍ʣ • edge://site-engagement ͔ΒݱࡏͷείΞΛ֬ೝͰ͖Δ 2. Site engagement

Slide 21

Slide 21 text

edge://site-engagement ͷྫ

Slide 22

Slide 22 text

• ͋Δ૊৫͕ෳ਺ͷυϝΠϯ͔ΒίϯςϯπΛ഑৴͍ͯ͠Δ ৔߹ɺޡ൑ఆͯ͠Ұ෦ͷυϝΠϯͷϦιʔεΛϒϩοΫ͠ͳ ͍ͨΊͷ͘͠Έ • ෳ਺ͷυϝΠϯΛOrganizationͱ͍͏୯ҐͰ಺෦Ͱάϧʔϐ ϯά͓ͯ͘͠ • ͍ͣΕ͔ͷυϝΠϯͷSite Engagement͕͖͍͠஋Ҏ্Ͱ͋ Ε͹ɺυϝΠϯΛ·͙ͨϦιʔεಡΈࠐΈͷ੍ݶΛ؇࿨͢Δ 3. Organizations

Slide 23

Slide 23 text

͋Δ૊৫͕ org1.com ͱ org1-cdn.com ͱ͍͏υϝΠϯΛอ༗͍ͯ͠Δ Organizationsͷྫ PSHDPN PSHDEODPN PSHDEODPN4FSWFS $PPLJFͷอଘ MPDBM4UPSBHF΁ͷΞΫηε FUD PSHDPN4FSWFS

Slide 24

Slide 24 text

Edge͕ org1.com ͱ org1-cdn.com ΛಉҰOrganizationͱ൑ఆ͍ͯͯ͠ɺ ͍ͣΕ͔ͷυϝΠϯʹର͢ΔSite Engagement͕͖͍͠஋Ҏ্Ͱ͋Ε͹
 υϝΠϯΛ·͙ͨϦιʔεಡΈࠐΈͷ੍ݶ͸؇࿨͞ΕΔ Organizationsͷྫ PSHDPN PSHDEODPN PSHDEODPN4FSWFS PSHDPN4FSWFS

Slide 25

Slide 25 text

ಉҰOrganization͡Όͳͯ͘΋
 Site engagement͕͖͍͠஋Λ௒͍͑ͯΕ͹
 Ұ࣌తʹڐՄ͞ΕΔʁ https://blogs.windows.com/msedgedev/2019/12/03/improving-tracking-prevention-microsoft-edge-79/

Slide 26

Slide 26 text

3ͭͷϨϕϧʹΑΔҧ͍

Slide 27

Slide 27 text

https://blogs.windows.com/msedgedev/2019/12/03/improving-tracking-prevention-microsoft-edge-79/

Slide 28

Slide 28 text

https://blogs.windows.com/msedgedev/2019/12/03/improving-tracking-prevention-microsoft-edge-79/ $MBTTJpDBUJPOͰ෼ྨ͞Εͨ τϥοΧʔͷΧςΰϦ

Slide 29

Slide 29 text

https://blogs.windows.com/msedgedev/2019/12/03/improving-tracking-prevention-microsoft-edge-79/ 4TUPSBHFBDDFTTΛϒϩοΫ #TUPSBHFBDDFTT΋SFTPVSDFMPBET΋ϒϩοΫ ϒϩοΫͳ͠

Slide 30

Slide 30 text

https://blogs.windows.com/msedgedev/2019/12/03/improving-tracking-prevention-microsoft-edge-79/ ͨͱ͑͹ɺ&EHF࣌఺Ͱ͸ "OBMZUJDTΧςΰϦʔͷτϥοΧʔ͸ ɾʮόϥϯε #BMBODFE ʯͩͱϒϩοΫͳ͠ ɾʮߴϨϕϧ 4USJDU ʯͩͱTUPSBHFBDDFTTͷϒϩοΫ͋Γ

Slide 31

Slide 31 text

·ͱΊ

Slide 32

Slide 32 text

• ৽͍͠ChromiumϕʔεͷEdgeʹ͸ɺτϥο ΩϯάΛ๷ࢭ͢Δػೳ͕උΘ͍ͬͯΔ • ʮϒϥοΫϦετΛ࢖ͬͯػցతʹϒϩοΫ ͢Δʯ͘͠ΈͱʮϢʔβʔͷૢ࡞ͳͲͷίϯ ςΩετΛՃຯͯ͠దٓ؇࿨͢Δʯ͘͠ΈͰ ͏·͘όϥϯεΛऔΖ͏ͱ͍ͯ͠Δҹ৅ ·ͱΊ