Chromium版EdgeのTracking Prevention機能 / Tracking Prevention in Chromium-based Microsoft Edge

Transcript

1. 1.

   Chromium൛Microsoft Edgeͷ Tracking Preventionػೳ

2. 2.

   • Shingo Yamazaki • Cybozu, Inc. About me zaki-yama zaki___yama

3. 3.

   • PWA Night vol.13 ʙWebϒϥ΢β࠷લઢʙ ͱ͍͏ΠϕϯτͰ͓࿩͢Δ༧ఆͩͬͨ಺༰ͷ Ұ෦Ͱ͢ • Chromium൛MS Edgeʹ͍ͭͯҎલϒϩάʹ

   ·ͱΊͨ಺༰ͷ͏ͪɺTracking Preventionʹ ͍ͭͯ·ͱΊ௚ͨ͠΋ͷ ͜ͷεϥΠυʹ͍ͭͯ
4. 4.

   Tracking PreventionҎ֎ͷ৘ใ͸ ϒϩάΛ͝ࢀর͍ͩ͘͞ ɹɾϩʔϧΞ΢τܭը
   ɹɾ*&Ϟʔυ
   ɹɾ$PMMFDUJPOTػೳ
   ɹFUD https://dackdive.hateblo.jp/entry/2020/02/06/090000

5. 5.

   ओͳ৘ใݯ 2019೥6݄ͷهࣄ ػೳͷ֓ཁ঺հ 2019೥10݄ͷهࣄ Ξοϓσʔτ಺༰

6. 6.

   Tracking Prevention ͱ͸ ͳʹ͔

7. 7.

   ઃఆ > ϓϥΠόγʔͱαʔϏε

8. 8.

   • จࣈ௨Γ”τϥοΩϯά๷ࢭػೳ” • τϥοΧʔαΠτ͕ɺϢʔβʔͷࣝผ͓Αͼߦಈ௥੻ͷͨ Ίʹϒϥ΢βʹ৘ใΛอଘ͠Α͏ͱ͢ΔͷΛ๷ࢭ͢Δػೳ • ଟ͘͸๚໰ͨ͠αΠτͦͷ΋ͷͰ͸ͳ͘ɺͦͷαΠτͰ ಡΈࠐΜͰ͍ΔผυϝΠϯͷϦιʔε • جຊ/όϥϯε/ߴϨϕϧɹͷ3ͭͷϨϕϧ͕ఏڙ͞Ε͓ͯ

   ΓɺσϑΥϧτ͸ “όϥϯε” Tracking Prevention
9. 9.

   Tracking Prevention͕ߦ͏͜ͱ 
   3FTUSJDU
   TUPSBHF
   BDDFTT 
   #MPDL
   SFTPVSDF
   MPBET

10. 10.

    τϥοΧʔͱ൑ఆ͞ΕͨαΠτ͔ΒಡΈࠐΜͩϦιʔε͕ɺετϨʔδʹ ΞΫηε͢ΔͷΛϒϩοΫ͢Δ 1. Restrict storage access BDPN USBDLFSDPN USBDLFSDPN
    4FSWFS $PPLJFͷอଘ
    

    MPDBM4UPSBHF΁ͷΞΫηε
    FUD
11. 11.

    τϥοΧʔͱ൑ఆ͞ΕͨαΠτͷϦιʔεΛͦ΋ͦ΋ಡΈࠐ·ͳ͍
 (“we may block that load before the request reaches

    the network”) 2. Block resource loads BDPN USBDLFSDPN USBDLFSDPN
    4FSWFS
12. 12.

    Tracking Preventionͷྫ

13. 13.

    ΞυϨεόʔͷ伴ΞΠίϯ͔Β ֬ೝͰ͖Δ

14. 14.

    Tracking Preventionͷ ͘͠Έ

15. 15.

    ෳ਺ͷ͘͠ΈΛ૊Έ߹Θ࣮ͤͯݱ͍ͯ͠Δ Ͳ͏͍͏͘͠Έʁ 
    $MBTTJpDBUJPO 
    4JUF
    FOHBHFNFOU 
    0SHBOJ[BUJPOT

16. 16.

    • ͋ΔυϝΠϯ͕ • τϥοΧʔ͔Ͳ͏͔ • Ͳ͏͍͏ΧςΰϦͷτϥοΧʔ͔ • Λ෼ྨ͢Δ͘͠Έ • ެࣜϒϩάʹΑΔͱɺDisconnectࣾͷϦετΛ࢖༻͍ͯ͠ΔΒ͠

    ͍ 1. Classification
17. 17.

    https://blogs.windows.com/msedgedev/2019/12/03/improving-tracking-prevention-microsoft-edge-79/

18. 18.

    … https://disconnect.me/trackerprotection#categories-of-trackers

19. 19.

    • ϒϩοΫ͢ΔΧςΰϦʔΛ૿΍ͤ͹૿΍͢΄Ͳ҆શʹ ͸ͳΔ͕ɺຊདྷϒϩοΫ͢΂͖Ͱͳ͍΋ͷ·Ͱϒϩο Ϋͯ͠αΠτͷಈ͖Λյͯ͠͠·͏ͱ͍͏τϨʔυΦ ϑ • “such as federated login

    or embedded social media content.” • →੍ݶΛ؇࿨͢ΔͨΊͷผͷ͘͠Έͱͯ͠2΍3͕͋Δ 1. Classification
20. 20.

    • αΠτʹର͢ΔϢʔβʔͷΤϯήʔδϝϯτΛɺϢʔβʔͷߦಈΛ ݩʹείΞϦϯά͢Δ͘͠Έ • ϢʔβʔͷߦಈɿαΠτͷӾཡճ਺ɾ଺ࡏ࣌ؒɾϝσΟΞͷ࠶ੜ ͳͲ • 0 ʙ 100఺Ͱߴ͍΄ͲΤϯήʔδϝϯτߴ

    • ܭࢉ͸୺຤ϩʔΧϧʹͷΈอଘ͞ΕΔʢͷͰɺ୺຤ؒͰಉظ͸͠ͳ ͍ʣ • edge://site-engagement ͔ΒݱࡏͷείΞΛ֬ೝͰ͖Δ 2. Site engagement
21. 21.

    edge://site-engagement ͷྫ

22. 22.

    • ͋Δ૊৫͕ෳ਺ͷυϝΠϯ͔ΒίϯςϯπΛ഑৴͍ͯ͠Δ ৔߹ɺޡ൑ఆͯ͠Ұ෦ͷυϝΠϯͷϦιʔεΛϒϩοΫ͠ͳ ͍ͨΊͷ͘͠Έ • ෳ਺ͷυϝΠϯΛOrganizationͱ͍͏୯ҐͰ಺෦Ͱάϧʔϐ ϯά͓ͯ͘͠ • ͍ͣΕ͔ͷυϝΠϯͷSite Engagement͕͖͍͠஋Ҏ্Ͱ͋

    Ε͹ɺυϝΠϯΛ·͙ͨϦιʔεಡΈࠐΈͷ੍ݶΛ؇࿨͢Δ 3. Organizations
23. 23.

    ͋Δ૊৫͕ org1.com ͱ org1-cdn.com ͱ͍͏υϝΠϯΛอ༗͍ͯ͠Δ Organizationsͷྫ PSHDPN PSHDEODPN PSHDEODPN
    4FSWFS $PPLJFͷอଘ
    

    MPDBM4UPSBHF΁ͷΞΫηε
    FUD PSHDPN
    4FSWFS
24. 24.

    Edge͕ org1.com ͱ org1-cdn.com ΛಉҰOrganizationͱ൑ఆ͍ͯͯ͠ɺ ͍ͣΕ͔ͷυϝΠϯʹର͢ΔSite Engagement͕͖͍͠஋Ҏ্Ͱ͋Ε͹
 υϝΠϯΛ·͙ͨϦιʔεಡΈࠐΈͷ੍ݶ͸؇࿨͞ΕΔ Organizationsͷྫ PSHDPN

    PSHDEODPN PSHDEODPN
    4FSWFS PSHDPN
    4FSWFS
25. 25.

    ಉҰOrganization͡Όͳͯ͘΋
 Site engagement͕͖͍͠஋Λ௒͍͑ͯΕ͹
 Ұ࣌తʹڐՄ͞ΕΔʁ https://blogs.windows.com/msedgedev/2019/12/03/improving-tracking-prevention-microsoft-edge-79/

26. 26.

    3ͭͷϨϕϧʹΑΔҧ͍

27. 27.

    https://blogs.windows.com/msedgedev/2019/12/03/improving-tracking-prevention-microsoft-edge-79/

28. 28.

    https://blogs.windows.com/msedgedev/2019/12/03/improving-tracking-prevention-microsoft-edge-79/ $MBTTJpDBUJPOͰ෼ྨ͞Εͨ
    τϥοΧʔͷΧςΰϦ

29. 29.

    https://blogs.windows.com/msedgedev/2019/12/03/improving-tracking-prevention-microsoft-edge-79/ 4
    TUPSBHF
    BDDFTTΛϒϩοΫ
    #
    TUPSBHF
    BDDFTT΋SFTPVSDF
    MPBET΋ϒϩοΫ
    
    ϒϩοΫͳ͠

30. 30.

    https://blogs.windows.com/msedgedev/2019/12/03/improving-tracking-prevention-microsoft-edge-79/ ͨͱ͑͹ɺ&EHF
    ࣌఺Ͱ͸
    "OBMZUJDTΧςΰϦʔͷτϥοΧʔ͸
    ɾʮόϥϯε #BMBODFE ʯͩͱϒϩοΫͳ͠
    ɾʮߴϨϕϧ 4USJDU ʯͩͱTUPSBHF
    BDDFTTͷϒϩοΫ͋Γ

31. 31.

    ·ͱΊ

32. 32.

    • ৽͍͠ChromiumϕʔεͷEdgeʹ͸ɺτϥο ΩϯάΛ๷ࢭ͢Δػೳ͕උΘ͍ͬͯΔ • ʮϒϥοΫϦετΛ࢖ͬͯػցతʹϒϩοΫ ͢Δʯ͘͠ΈͱʮϢʔβʔͷૢ࡞ͳͲͷίϯ ςΩετΛՃຯͯ͠దٓ؇࿨͢Δʯ͘͠ΈͰ ͏·͘όϥϯεΛऔΖ͏ͱ͍ͯ͠Δҹ৅ ·ͱΊ