Please note: This talk will take place in DC 1304 and online.
Eric Jollès, Doctoral student
École Polytechnique Fédérale de Lausanne
Modern webpages are heavy, dynamic, and highly personalized bundles of JavaScript, stylesheets, HTML, media, trackers, and third-party resources. This complexity creates distinctive network fingerprints that can persist even through anonymous communication systems such as Tor and Nym. It also makes stronger website-fingerprinting defenses, such as Front and Tamaraw, costly to deploy and less successful because they require high overhead to hide these patterns. This leaves PETs facing two unsatisfying paths: impose coarse restrictions across the web, such as blocking all JavaScript, or retreat to simpler websites and leave the complexity of the modern web largely unaddressed.
This talk introduces a third road: when a PET knows the user’s purpose on a webpage, it can intentionally break the functionality that does not serve that purpose. We refer to this new paradigm as purpose-limited browsing. For example, a user who wants to read an article, check a price, or submit a form may not need autoplay media, recommendation widgets, comment sections, personalization scripts, analytics, or unrelated third-party resources. We present MinBro, a client-side-only prototype that uses LLMs to identify which page resources are likely necessary for a predefined user purpose. By narrowing the functionality of a webpage before applying traffic-analysis defenses, MinBro reduces the amount of data to be downloaded, making page fingerprints easier to hide. By reducing functionality, MinBro can push defenses beyond the limits of the anonymity trilemma: when combined with defenses that are otherwise costly in practice, it simultaneously reduces website-fingerprinting effectiveness, page-load latency, and bandwidth overhead. Moreover, limiting the number of resources to those necessary for a purpose also results in a dramatic reduction of tracker behavior without breaking the intended tasks.
Beyond the tested prototype, MinBro opens a broader discussion about controlled breakage as a PETs design strategy. How should users express their purpose? What level of purpose granularity is useful? How can purpose-specific decisions be cached? Should browsers or servers cooperate? And, most importantly, what kinds of reduced functionality are acceptable in exchange for stronger privacy? We use MinBro to argue that purpose-limited browsing is a promising new design space for making advanced PETs practical on today’s complex web.
Bio: Eric Jollès is a doctoral student at EPFL, working broadly on network security and privacy topics. He is advised by Carmela Troncoso in the SPRING lab, where he designs and attacks existing systems to create new solutions that make the Internet a more private place. He holds a joint Master’s in Cyber Security from EPFL and ETH Zurich.
To attend this talk in person, please go to DC 1304. You can also attend virtually on Zoom.