Upgrade to Pro — share decks privately, control downloads, hide ads and more …

最新のブラウザで変わるCookieの取り扱いやPrivacyの考え方

 最新のブラウザで変わるCookieの取り扱いやPrivacyの考え方

2020/02/13 DevSumi 発表資料

Yosuke Furukawa

February 13, 2020
Tweet

More Decks by Yosuke Furukawa

Other Decks in Programming

Transcript

  1. 'JSFGPY 4BGBSJ ɾ*OUFMMJHFOU5SBDLJOH1SFWFOUJPO τϥοΩϯάΛ๷ࢭ͢Δ࢓૊Έ SEQBSUZDPPLJFΛอଘ͠ͳ͍ +BWB4DSJQU͔ΒͷDPPLJF΋೔͔͠อଘ͠ͳ͍ શͯͷΫϩεαΠτϦΫΤετͷ3FGFSFSΛ0SJHJO͚ͩʹ ɾ&OIBODFE5SBDLJOH1SPUFDUJPO τϥοΩϯάΛ๷ࢭ͢Δ࢓૊Έ *51ͱ΄΅Ұॹ

     ϒϥοΫϦετܗࣜͷϦετ͕͋ΓɺͦͷϦετʹϚον͢Δͱอଘ͞ Εͳ͍ ϒϥοΫϦετʹࡌ͍ͬͯΔυϝΠϯ͔Β͸'JOHFSQSJOUJOHTDSJQU Λಈ࡞ͤ͞ͳ͍ɻ6"ͳͲͷจࣈྻΛऔΒͤͳ͍ɻ ɾ%/40WFS)5514 %/4RVFSZ΋IUUQTʹͯ͠҉߸ԽɺӾཡઌΛ൑ผͰ͖ͳ͍Α͏ʹ͢Δ
  2. 3rd Party Cookie͕ಈ͔ͳ͘ͳ Δ࢓૊Έ 4FSWFS BDPN 1BHF DDPN CDPN IUUQTBDPNJOEFYIUNM

    4FSWFS CDPN 4FSWFS DDPN 4FU$PPLJF 4FU$PPLJF 4FU$PPLJF ✓ OK ✗ NG ✗ NG
  3. 3rd Party Cookie͕ಈ͔ͳ͘ͳ Δ࢓૊Έ 4FSWFS BDPN 1BHF DDPN CDPN IUUQTBDPNJOEFYIUNM

    4FSWFS CDPN 4FSWFS DDPN 4FU$PPLJF 4FU$PPLJF 4FU$PPLJF ✓ OK ✗ NG ✗ NG ֤ϒϥ΢βಈ͖͕ඍົʹҟͳΔ͕ɺجຊతʹSEQBSUZDPPLJFࣗମ͸࢖͍෺ʹ ͳΒͳ͘ͳΔɻ4BGBSJ͸ͦ΋ͦ΋อଘ͞Εͳ͍ɺ'JSFGPY͸ϒϥοΫϦετʹ ࡌͬͯͨΒอଘ͠ͳ͍ɺ$ISPNF͸$PPLJFͷଐੑ 4BNF4JUF ͰରԠ
  4. • a.com ʹ๚໰ͨ͠ͱ͢Δɻͦ͜Ͱ b.com ͷ޿ ࠂΛݟͨͱ͢Δɻ • ͦͷ৔߹ཪͰ͸ɺ `Set-Cookie` ϔομͰ

    Cookie͕ొ࿥͞ΕΔɻ Cookie ͷ࢓૊Έ 1BHF CDPN BE IUUQTBDPNJOEFYIUNM CDPN$PPLJF4UPSF JE  CDPN΁ͷJE͕ه࿥͞ΕΔ 4FU$PPLJFJE
  5. • ͜ͷ࣌ɺ b.com Ͱ͸ id=123456789; ͷਓ͕ a.com ͔Βདྷͨ͜ͱ͕͋Δࣄɺ࠶౓ b.com ͷ

    ޿ࠂΛݟ͍ͯΔ͜ͱͳͲΛࣗ෼ͷDBʹه࿥͢ Δ Cookie ͷ࢓૊Έ 1BHF CDPN BE IUUQTBDPNJOEFYIUNM CDPN΁ͷϦΫΤετ $PPLJFJE ϦΫΤετʹج͖ͮɺϢʔ βʔͷߦಈΛه࿥͢Δ
  6. • ࣍ʹ c.com ʹ๚໰ͨ͠ͱ͢Δɻͦ͜Ͱ΋ಉ༷ ʹ b.com ͷ޿ࠂΛݟͨͱ͢Δɻ • ͦ͏͢Δͱ a.com

    དྷͨ͜ͱ͋Δࣄ͕޿ࠂදࣔ ࣌ʹ b.com ʹ఻ΘΔɻ Cookie ͷ࢓૊Έ 1BHF CDPN BE IUUQTDDPNJOEFYIUNM DPPLJFʹJE͕࢒͍ͬͯΕ͹Ͳ͔͜Ͱ ޿ࠂදࣔ͞Εͨ͜ͱ͕͋Δ͜ͱ͕CDPNʹ఻ΘΔɻ ࣄલͷཤྺΛݟΕ͹BDPN͔Βདྷͨ͜ͱ΋Θ͔Δ
  7. 3rd Party Cookie͕ಈ͔ͳ͘ͳ Δ࢓૊Έ 4FSWFS BDPN 1BHF DDPN CDPN IUUQTBDPNJOEFYIUNM

    4FSWFS CDPN 4FSWFS DDPN 4FU$PPLJF 4FU$PPLJF 4FU$PPLJF ✓ OK ✗ NG ✗ NG ͡Ό͋ͦ΋ͦ΋͜ͷ࣌ͷCDPNϨεϙϯε࣌ʹॻ͔ΕͯΔ4FU$PPLJFΛແޮʹ ͢Δͱ͍͏ͷ͕*51ॳΊͱ͢ΔSEQBSUZDPPLJFΛഉআ͢Δߟ͑ํ
  8. • Set-Cookieϔομܦ༝Ͱ͸ͳ͘ɺJavaScriptΛμ΢ϯϩʔυͨ͠ ޙɺ `document.cookie` ܦ༝Ͱॻ͚͹ɺCookieʹه࿥͸Մೳ • ͜ͷ৔߹3rd party ͷJSͰ͋ͬͯ
 ΋1st

    party cookieͱͳΔͨΊɺ
 ઌͷ੍໿ΛճආͰ͖Δ • ϦΫΤετ࣌ʹAjax౳Λܦ༝ͯ͠
 idΛ b.com ʹ΋ૹΔɺ͜ΕͰ
 trackingͰ͖Δɻ Cookie ͷ࢓૊Έ 1BHF CDPN BE IUUQTBDPNJOEFYIUNM CDPN͸+BWB4DSJQUΛμ΢ ϯϩʔυ͠ɺ+4ܦ༝ͰDPPLJF Λॻ͘ɻ
  9. ITP / ETP ͷ৔߹͸ document.cookie ࣗମʹ΋੍ݶ͕ՃΘ͍ͬͯΔ 4FSWFS BDPN 1BHF DDPN

    CDPN IUUQTBDPNJOEFYIUNM 4FSWFS CDPN 4FU$PPLJF EPDVNFOUDPPLJF ✓ OK ˚ 1day only EPDVNFOUDPPLJFͰॻ͍ͨ৔߹͸4BGBSJͷ৔߹ɺ೔͔͠อͨͳ͍ɻ ·ͨɺ'JSFGPYͷ৔߹͸SEQBSUZTDSJQU͕ CMBDLMJTUʹࡌͬͯΔͱ ಈ͔ͳ͍ɻ
  10. • Chrome ͷ৔߹͸ Cookie ʹଐੑΛ෇༩͢ΔܗͰ 3rd party cookie ͷtrackingΛ੍ݶ͢Δ •

    σϑΥϧτͰൃߦ͞ΕΔ cookie ʹ͸ SameSite=Lax ͱݺ͹ΕΔଐ ੑ͕෇༩͞ΕΔɻ • ͜ΕʹΑΓɺΫϩεαΠτͰͷϦΫΤετ͸τοϓϨϕϧυϝΠϯ ͕ಉ͡΋ͷͷΈʹ੍ݶ͞ΕΔɻ • ΋͠΋ΫϩεϦΫΤετͰ΋ૹΓ͍ͨ৔߹͸SameSite=None; Secure; ͱ͍͏ଐੑʹ͢Δඞཁ͕͋Δɻ Chrome SameSite Cookie
  11. • Chrome ͷ৔߹ɺ document.cookie Ͱ͸ SameSite=NoneଐੑΛ෇༩ͤ͞Δ͜ͱ͕ෆՄ ೳʹͳͬͯΔɻ // ஫ҙ: ͜͏͍͏ࢦఆ͸Ͱ͖ͳ͍ɻ

    document.cookie="id=123456789;secure;samesite=none" Chrome SameSite Cookie ௥هɿɹ$ISPNF͔Β͸4BNF4JUFOPOF4FDVSF
 Λ+4Ͱॻ͚ΔͨΊɺ͜ͷϖʔδ͸ޡΓɻ5IBOLT!LZPUPOJP
  12. DNSͷCNAMEϨίʔυʹυϝΠϯΛ௥Ճͯ͠΋ Β͍ɺυϝΠϯΛ1st partyѻ͍ʹ͢Δํ๏͕͋Δ 4FSWFS BDPN 1BHF BOBMZUJDTBDPN BEBDPN IUUQTBDPNJOEFYIUNM 4FSWFS

    BEBDPNத਎͸ CDPN 4FSWFS BOBMZUJDTBDPNத ਎͸DDPN SEQBSUZDPPLJF͸SEQBSUZʹରͯ͠ߦ͏͔Β/(ͳͷͰ͋ͬͯɺTUQBSUZ ѻ͍ͯ͠͠·͑͹੍ݶΛղআͰ͖Δ
  13. DNSͷCNAMEϨίʔυʹυϝΠϯΛ௥Ճͯ͠΋ Β͍ɺυϝΠϯΛ1st partyѻ͍ʹ͢Δํ๏͕͋Δ 4FSWFS BDPN 1BHF BOBMZUJDTBDPN BEBDPN IUUQTBDPNJOEFYIUNM 4FSWFS

    BEBDPNத਎͸ CDPN 4FSWFS BOBMZUJDTBDPNத ਎͸DDPN ͨͩ͠ɺ͜ͷ৔߹ɺ$PPLJFࣗ਎͸BEBDPNʹ੍ݶ͞ΕΔͨΊɺSEQBSUZ DPPLJFͷΑ͏ʹɺϢʔβʔΛҰҙʹಛఆ͢ΔJEΛൃߦͰ͖ͳ͍ɻαΠτ಺Ͱ USBDLJOHͰ͖Δ͚ͩͰɺಛఆ͸ࠔ೉
  14. DNSͰ੍ݶ͢Δ 1BHF BOBMZUJDTBDPN BEBDPN IUUQTBDPNJOEFYIUNM %/44FSWFS query: ad.a.com cname: b.com

    %/4ʹ໊લղܾ͢Δࡍʹ $/".&Ͱผ໊ʹͳͬͯΔ͜ ͱ͕Θ͔ͬͨΒͦ͜ͰCMPDL͢ Δ࢓૊ΈΛݕ౼த ✗ NG %/4ղܾΛϒϥ΢βຊମଆͰߦ͏͜ͱͰɺ੍ݶͰ͖ΔΑ͏ʹͳΔʢͨͩ͠ɺ·ͩ Ͳͷϒϥ΢β΋%/4Ͱ$/".&ܦ༝ͰͷUSBDLJOH੍ݶ͸ະ࣮૷ʣ IUUQTCVH[JMMBNP[JMMBPSHTIPX@CVHDHJ JE
  15. Privacy Sandbox • Chrome Ͱఏএ͍ͯ͠ΔΑΓ privacy ʹ഑ྀͨ͠৽͍͠Ϟ σϧ • 3ͭͷͦΕͧΕಠཱͨ͠औΓ૊Έ͕͋Δɻ

    • Cross-Site Tracking ͷ࠶ఆٛ • 3rd Party Cookie ͷഇࢭ • ৽͍͠ํ๏΁ͷҠߦखஈͷఏڙ IUUQTXXXDISPNJVNPSH)PNFDISPNJVNQSJWBDZQSJWBDZTBOECPY
  16. Privacy Sandbox • શͯΛ঺հ͢Δ࣌ؒ͸ͳ͍ͷͰ3ͭ΄Ͳ঺հ • Privacy Budget • Trust Tokens

    API • Federated Learning of Cohorts IUUQTXXXDISPNJVNPSH)PNFDISPNJVNQSJWBDZQSJWBDZTBOECPY
  17. Privacy Budget ॳظϦΫΤετ: Sec-CH-UA: "Chrome"; v="73" Ϩεϙϯε: Accept-CH: UA, Platform

    Sec-CH-UA: "Chrome"; v="73.3R8.2H.1" Sec-CH-UA-Platform: "Windows"; v="10" 6TFS"HFOUจࣈྻ΋ैདྷͷΑ͏ʹ͸౉͞ͳ͍ɻΤϯτϩϐʔ͕ଟ͘ɺpOHFSQSJOUʹ࢖͑ΔͨΊɻ ͜ΕΛαʔόଆͱΫϥΠΞϯτଆͰ$MJFOU)JOUTͱݺ͹ΕΔ࢓༷Ͱަব͠ͳ͕Β৘ใΛ΋Β͏ɻ
  18. CookieͷऔΓѻ͍ʹؔͯ͠ • 3rd party cookie Λج४ʹͨ͠tracking͸Πλνͬ͜͝Ͱ ίϩίϩํ๏͕มΘΔ • trackingͦͷ΋ͷΛఘΊΔ͔ •

    ৔౰ͨΓతʹରॲ͠ɺΠλνͬ͜͝ʹͳΔ͔ • ͪΌΜͱಉҙΛಘΔ͔ • ͷ3୒ʹͳ͍ͬͯΔɻ
  19. ·ͱΊ • Cookieʹؔͯ͠͸͜Ε͔Β͓ͦΒ͘ͲΜͲΜѻ͍͕ݫ͘͠ͳ͍ͬͯ͘ɻಛʹtracking ʹ͍ͭͯ͸͜Ε·Ͱͷ΍Γํ͸ਪ঑͞Εͳ͍ํ޲ʹɻ • CookieʹมΘΔํ๏ͱͯ͠৽͍͠tracking, conversion measurementͷ΍Γํ͕ߟ͑ ΒΕͯΔɻPrivacy Sandbox΍Private

    Click Measurementͷಈ޲ΛཁνΣοΫ • ҰํͰ·ͩ๏ྩؚΊͯ௥͍͍͍ͭͯͳ͍ͱ͜Ζ΋ͨ͘͞Μ͋Δɻ΋͘͠͸๏཯͔Βઌ ʹڧ੍తʹCookieͷऔΓѻ͍Λݟ௚͢ํ޲ʹͳ͍ͬͯ͘Մೳੑ΋ɻ • Cookieࣗ਎ͷѻ͍ʹؔͯ͠͸ηογϣϯͱͯ͠࢖͏ʹͱͲΊɺtracking͸ผͳํ๏Ͱ ͷݕ౼Λ͍ͯ͘͠ඞཁ͕͋Δݟ௨͠ɻ • ·ͩϒϥ΢βϕϯμʔؒͰ΋଍ฒΈ͸ἧ͍ͬͯͳ͍༷ࢠɺۀքશମΛר͖ࠐΉ࿩ͳͷ ͰɺۀքશମͰϑΥϩʔΞοϓ͍͖ͯ͠·͠ΐ͏ɻ
  20. ࢀߟࢿྉ • Safari • https://webkit.org/blog/8943/privacy-preserving-ad-click-attribution-for-the-web/ • https://webkit.org/tracking-prevention-policy/ • https://webkit.org/blog/9521/intelligent-tracking-prevention-2-3/ •

    https://www.apple.com/safari/docs/Safari_White_Paper_Nov_2019.pdf • Firefox • https://support.mozilla.org/en-US/kb/enhanced-tracking-protection-firefox-preview • https://support.mozilla.org/en-US/kb/firefox-dns-over-https • https://bugzilla.mozilla.org/show_bug.cgi?id=1598969 • https://blog.mozilla.org/blog/2019/09/03/todays-firefox-blocks-third-party-tracking-cookies-and- cryptomining-by-default/ • https://blog.mozilla.org/security/2020/01/07/firefox-72-fingerprinting/ • Chrome • https://services.google.com/fh/files/misc/disabling_third-party_cookies_publisher_revenue.pdf • https://blog.chromium.org/2020/01/building-more-private-web-path-towards.htmls
  21. ࢀߟࢿྉ • Chrome • https://security.googleblog.com/2019/10/no-more-mixed-messages-about- https_3.html • https://developer.mozilla.org/ja/docs/Web/API/Document/cookie • https://www.chromium.org/Home/chromium-privacy/privacy-sandbox

    • https://github.com/bslassey/privacy-budget • https://github.com/jkarlin/floc • https://github.com/WICG/ua-client-hints • ͦͷଞ • https://medium.com/nextdns/cname-cloaking-the-dangerous-disguise-of-third-party- trackers-195205dc522a • https://wicg.github.io/ad-click-attribution/index.html • https://note.com/martech/n/n3d79c59e41be