Chromium版EdgeのTracking Prevention機能 / Tracking Prevention in Chromium-based Microsoft Edge

Transcript

1. Chromium൛Microsoft Edgeͷ Tracking Preventionػೳ

2. • Shingo Yamazaki • Cybozu, Inc. About me zaki-yama zaki___yama

3. • PWA Night vol.13 ʙWebϒϥ΢β࠷લઢʙ ͱ͍͏ΠϕϯτͰ͓࿩͢Δ༧ఆͩͬͨ಺༰ͷ Ұ෦Ͱ͢ • Chromium൛MS Edgeʹ͍ͭͯҎલϒϩάʹ

   ·ͱΊͨ಺༰ͷ͏ͪɺTracking Preventionʹ ͍ͭͯ·ͱΊ௚ͨ͠΋ͷ ͜ͷεϥΠυʹ͍ͭͯ

4. Tracking PreventionҎ֎ͷ৘ใ͸ ϒϩάΛ͝ࢀর͍ͩ͘͞ ɹɾϩʔϧΞ΢τܭը
   ɹɾ*&Ϟʔυ
   ɹɾ$PMMFDUJPOTػೳ
   ɹFUD https://dackdive.hateblo.jp/entry/2020/02/06/090000

5. ओͳ৘ใݯ 2019೥6݄ͷهࣄ ػೳͷ֓ཁ঺հ 2019೥10݄ͷهࣄ Ξοϓσʔτ಺༰

6. Tracking Prevention ͱ͸ ͳʹ͔

7. ઃఆ > ϓϥΠόγʔͱαʔϏε

8. • จࣈ௨Γ”τϥοΩϯά๷ࢭػೳ” • τϥοΧʔαΠτ͕ɺϢʔβʔͷࣝผ͓Αͼߦಈ௥੻ͷͨ Ίʹϒϥ΢βʹ৘ใΛอଘ͠Α͏ͱ͢ΔͷΛ๷ࢭ͢Δػೳ • ଟ͘͸๚໰ͨ͠αΠτͦͷ΋ͷͰ͸ͳ͘ɺͦͷαΠτͰ ಡΈࠐΜͰ͍ΔผυϝΠϯͷϦιʔε • جຊ/όϥϯε/ߴϨϕϧɹͷ3ͭͷϨϕϧ͕ఏڙ͞Ε͓ͯ

   ΓɺσϑΥϧτ͸ “όϥϯε” Tracking Prevention

9. Tracking Prevention͕ߦ͏͜ͱ 
   3FTUSJDU
   TUPSBHF
   BDDFTT 
   #MPDL
   SFTPVSDF
   MPBET

10. τϥοΧʔͱ൑ఆ͞ΕͨαΠτ͔ΒಡΈࠐΜͩϦιʔε͕ɺετϨʔδʹ ΞΫηε͢ΔͷΛϒϩοΫ͢Δ 1. Restrict storage access BDPN USBDLFSDPN USBDLFSDPN
    4FSWFS $PPLJFͷอଘ
    

    MPDBM4UPSBHF΁ͷΞΫηε
    FUD

11. τϥοΧʔͱ൑ఆ͞ΕͨαΠτͷϦιʔεΛͦ΋ͦ΋ಡΈࠐ·ͳ͍
 (“we may block that load before the request reaches

    the network”) 2. Block resource loads BDPN USBDLFSDPN USBDLFSDPN
    4FSWFS

12. Tracking Preventionͷྫ

13. ΞυϨεόʔͷ伴ΞΠίϯ͔Β ֬ೝͰ͖Δ

14. Tracking Preventionͷ ͘͠Έ

15. ෳ਺ͷ͘͠ΈΛ૊Έ߹Θ࣮ͤͯݱ͍ͯ͠Δ Ͳ͏͍͏͘͠Έʁ 
    $MBTTJpDBUJPO 
    4JUF
    FOHBHFNFOU 
    0SHBOJ[BUJPOT

16. • ͋ΔυϝΠϯ͕ • τϥοΧʔ͔Ͳ͏͔ • Ͳ͏͍͏ΧςΰϦͷτϥοΧʔ͔ • Λ෼ྨ͢Δ͘͠Έ • ެࣜϒϩάʹΑΔͱɺDisconnectࣾͷϦετΛ࢖༻͍ͯ͠ΔΒ͠

    ͍ 1. Classification

17. https://blogs.windows.com/msedgedev/2019/12/03/improving-tracking-prevention-microsoft-edge-79/

18. … https://disconnect.me/trackerprotection#categories-of-trackers

19. • ϒϩοΫ͢ΔΧςΰϦʔΛ૿΍ͤ͹૿΍͢΄Ͳ҆શʹ ͸ͳΔ͕ɺຊདྷϒϩοΫ͢΂͖Ͱͳ͍΋ͷ·Ͱϒϩο Ϋͯ͠αΠτͷಈ͖Λյͯ͠͠·͏ͱ͍͏τϨʔυΦ ϑ • “such as federated login

    or embedded social media content.” • →੍ݶΛ؇࿨͢ΔͨΊͷผͷ͘͠Έͱͯ͠2΍3͕͋Δ 1. Classification

20. • αΠτʹର͢ΔϢʔβʔͷΤϯήʔδϝϯτΛɺϢʔβʔͷߦಈΛ ݩʹείΞϦϯά͢Δ͘͠Έ • ϢʔβʔͷߦಈɿαΠτͷӾཡճ਺ɾ଺ࡏ࣌ؒɾϝσΟΞͷ࠶ੜ ͳͲ • 0 ʙ 100఺Ͱߴ͍΄ͲΤϯήʔδϝϯτߴ

    • ܭࢉ͸୺຤ϩʔΧϧʹͷΈอଘ͞ΕΔʢͷͰɺ୺຤ؒͰಉظ͸͠ͳ ͍ʣ • edge://site-engagement ͔ΒݱࡏͷείΞΛ֬ೝͰ͖Δ 2. Site engagement

21. edge://site-engagement ͷྫ

22. • ͋Δ૊৫͕ෳ਺ͷυϝΠϯ͔ΒίϯςϯπΛ഑৴͍ͯ͠Δ ৔߹ɺޡ൑ఆͯ͠Ұ෦ͷυϝΠϯͷϦιʔεΛϒϩοΫ͠ͳ ͍ͨΊͷ͘͠Έ • ෳ਺ͷυϝΠϯΛOrganizationͱ͍͏୯ҐͰ಺෦Ͱάϧʔϐ ϯά͓ͯ͘͠ • ͍ͣΕ͔ͷυϝΠϯͷSite Engagement͕͖͍͠஋Ҏ্Ͱ͋

    Ε͹ɺυϝΠϯΛ·͙ͨϦιʔεಡΈࠐΈͷ੍ݶΛ؇࿨͢Δ 3. Organizations

23. ͋Δ૊৫͕ org1.com ͱ org1-cdn.com ͱ͍͏υϝΠϯΛอ༗͍ͯ͠Δ Organizationsͷྫ PSHDPN PSHDEODPN PSHDEODPN
    4FSWFS $PPLJFͷอଘ
    

    MPDBM4UPSBHF΁ͷΞΫηε
    FUD PSHDPN
    4FSWFS

24. Edge͕ org1.com ͱ org1-cdn.com ΛಉҰOrganizationͱ൑ఆ͍ͯͯ͠ɺ ͍ͣΕ͔ͷυϝΠϯʹର͢ΔSite Engagement͕͖͍͠஋Ҏ্Ͱ͋Ε͹
 υϝΠϯΛ·͙ͨϦιʔεಡΈࠐΈͷ੍ݶ͸؇࿨͞ΕΔ Organizationsͷྫ PSHDPN

    PSHDEODPN PSHDEODPN
    4FSWFS PSHDPN
    4FSWFS

25. ಉҰOrganization͡Όͳͯ͘΋
 Site engagement͕͖͍͠஋Λ௒͍͑ͯΕ͹
 Ұ࣌తʹڐՄ͞ΕΔʁ https://blogs.windows.com/msedgedev/2019/12/03/improving-tracking-prevention-microsoft-edge-79/

26. 3ͭͷϨϕϧʹΑΔҧ͍

27. https://blogs.windows.com/msedgedev/2019/12/03/improving-tracking-prevention-microsoft-edge-79/

28. https://blogs.windows.com/msedgedev/2019/12/03/improving-tracking-prevention-microsoft-edge-79/ $MBTTJpDBUJPOͰ෼ྨ͞Εͨ
    τϥοΧʔͷΧςΰϦ

29. https://blogs.windows.com/msedgedev/2019/12/03/improving-tracking-prevention-microsoft-edge-79/ 4
    TUPSBHF
    BDDFTTΛϒϩοΫ
    #
    TUPSBHF
    BDDFTT΋SFTPVSDF
    MPBET΋ϒϩοΫ
    
    ϒϩοΫͳ͠

30. https://blogs.windows.com/msedgedev/2019/12/03/improving-tracking-prevention-microsoft-edge-79/ ͨͱ͑͹ɺ&EHF
    ࣌఺Ͱ͸
    "OBMZUJDTΧςΰϦʔͷτϥοΧʔ͸
    ɾʮόϥϯε #BMBODFE ʯͩͱϒϩοΫͳ͠
    ɾʮߴϨϕϧ 4USJDU ʯͩͱTUPSBHF
    BDDFTTͷϒϩοΫ͋Γ

31. ·ͱΊ

32. • ৽͍͠ChromiumϕʔεͷEdgeʹ͸ɺτϥο ΩϯάΛ๷ࢭ͢Δػೳ͕උΘ͍ͬͯΔ • ʮϒϥοΫϦετΛ࢖ͬͯػցతʹϒϩοΫ ͢Δʯ͘͠ΈͱʮϢʔβʔͷૢ࡞ͳͲͷίϯ ςΩετΛՃຯͯ͠దٓ؇࿨͢Δʯ͘͠ΈͰ ͏·͘όϥϯεΛऔΖ͏ͱ͍ͯ͠Δҹ৅ ·ͱΊ