Tighten network quality estimates for improved privacy #64
Comments
|
I understand that there are security concerns with exposing these properties, but setting an upper limit on Nowadays, when gigabit internet connections are available to consumers, Will imposing a lower limit on kbps instead help to improve privacy? Please consider removing the upper kbps limit (or at least increasing its value to keep with the times). |
|
Can you explain a bit more what you mean by cross-origin fingerprinting? Also, which hostname are you referring to in step 1? The hostname of the document making the NetInfo call? |
The main concern was that two different origins may be able to correlate fetches from a single user (i.e., determine if the two fetches come from the same user). @msramek touched upon this a bit in this comment.
The hostname of the origin which is running the JavaScript. |
Three changes have been suggested in the network quality exposed via JS API. The goal here is to reduce the chances for cross-origin fingerprinting:
Up to 10% random noise should be added to the network quality estimates before exposing it via Javascript API. The noise should be a function of the hostname, and the noise should remain constant for a given hostname.
The current bucket size in the network quality estimates is 25 msec (for RTT) and 25 Kbps (for downlink). This means currently the estimate is rounded off to the nearest 25 msec or 25 kbps before exposing it via JS API. The bucket size can be updated to 50 msec / 50 kbps.
The upper limit on the estimates should be added. For RTT, the upper limit can be 3000 msec, and for kbps it can be 10000 kbps.
The text was updated successfully, but these errors were encountered: