Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore client-side deanonymization attacks that can compromise user privacy within Google's Privacy Sandbox initiative in this 35-minute conference talk. Examine how new web APIs designed as privacy-preserving alternatives to third-party cookies contain vulnerabilities and misconfigurations that attackers can exploit. Learn about the Attribution Reporting API and discover how debugging reports can bypass privacy mechanisms like Referrer-Policy to potentially expose sensitive user information. Understand destination hijacking techniques combined with side-channel attacks using storage limit oracles to reconstruct browsing history, demonstrating sophisticated deanonymization methods. Investigate vulnerabilities in the Shared Storage API and see how insecure cross-site worklet code can leak data despite the API's design to prevent direct data access. Gain insights through real-world examples and potential attack scenarios that highlight the practical implications of these privacy vulnerabilities in modern web technologies.
