
[very-wip][do not merge] Remove all site data after page exit #2182

Draft
wants to merge 1 commit into
base: master

uazo
Collaborator

@uazo uazo commented Jul 9, 2022

I had been saying it for a long time, in the end I did.
as you may have guessed, all these patches are part of a series of checks that I am doing on the way that are used by the fingerprinting libraries

the idea is to delete all the data after exiting a page (Page in the sense of blink, i.e. same domain topframe) by (better) simulating the action of the famous cookie-auto-delete extension.
testing it, neither creepjs nor fingerprintjs (which seem the best libraries to me) are able to link my activity during the same browsing session, a good result I think.

to do this I had to modify the ConditionalCacheDeletionHelper to allow selective deletion of all data for correct NetworkIsolation, which is currently not managed in chromium.
However, I would like to activate it only for always incognito and under a site setting: we would also have to separate the LastTabStandingTracker activation logic from Add lifetime options for permissions patch.

what do you think?

@csagan5 csagan5 marked this pull request as draft July 9, 2022 10:01
@uazo
Collaborator Author

uazo commented Jul 17, 2022

a really strange thing happens: creepjs keeps the same fingerprinting hash between different sessions:

tried with official bromite arm64 version: happens
tried with the (my) arm64 no debug version: happens
tried with the (my) arm64 debug version: happens

tried with official bromite x64 version: happens

BUT

tried with the (my) x64 debug version: does not happen

so i checked with browserstack and the same fingerprint is kept between equal devices, whatever version you use

but the question is why in my debug version doesn't this happen?

all suggestions are welcome, I almost ask the author of the library directly.
in the meantime I compile my non-debug x64

@uazo
Collaborator Author

uazo commented Jul 17, 2022

@csagan5 can you try with your debug version in incognito mode?

EDIT: I think I have found the culprit, now I have to figure out how to fix ...

@uazo
Collaborator Author

uazo commented Jul 21, 2022

the problem was the random number generator, but I couldn't reproduce it anymore.

that is, in my case, /dev/urandom always returned zero, even if entropy was available (with cat /proc/sys/kernel/random/entropy_avail).
I checked the documentation and it seems not possible, but that was what happened.
modifying the code as per 1545096 the bug disappeared, but unfortunately, the next day, it was no longer reproducible.

moreover, in that way I found the timezone bug and verified that, in my opinion, it is necessary to add some mitigation on the svg as well. on this last thing I already have a patch ready, later I make a pull request so we can talk about it.

@csagan5
Contributor

csagan5 commented Jul 25, 2022

> the problem was the random number generator, but I couldn't reproduce it anymore.
>
> that is, in my case, /dev/urandom always returned zero, even if entropy was available (with cat /proc/sys/kernel/random/entropy_avail).

This would be a major security problem. What device did you use? Configuration? The most recent changes on that area of the kernel are these: https://www.theregister.com/2022/03/21/new_linux_kernel_has_improved/

But if you can reproduce that, it's a big issue (regardless if it is a bug in kernel or Android).

> moreover, in that way I found the timezone bug and verified that, in my opinion, it is necessary to add some mitigation on the svg as well. on this last thing I already have a patch ready, later I make a pull request so we can talk about it.

I do not follow, what do SVGs and timezones have in common?

@uazo
Collaborator Author

uazo commented Jul 25, 2022

> I do not follow, what do SVGs and timezones have in common?

I started from this:

[image]

and I noticed that, for intl and svg the values were always the same.
for svg it is normal because this is missing (I make you the pull so you understand the differences better, we talk about it later there) but I was not expecting the same value for the timezone, hence the bug.
but then I noticed that always the same value was also obtained for the canvas, and it shouldn't have happened, hence the search for why and understanding that random failed.

> What device did you use? Configuration?

I'm currently testing it on a MI5 pro with lineageos A10:

```
gemini:/ $ uname -a
Linux localhost 3.18.124-gedc169a #1 SMP PREEMPT Sun Mar 14 06:14:59 UTC 2021 aarch64
```

I think the kernel/drivers is this, I think it is normal that they are not updated, and probably, like my device, there will be many others out of date.

> This would be a major security problem.

I had seen that problem, basically urandom always returns a value (not blocking mode) while random blocks if it does not have the value available. I have also read that some kernel versions can empty the entropy value with successive burst calls, but I was unable to reproduce it.
in fact, I just couldn't reproduce that situation at all, which settled after restarting the device (which I do every night).

now, although it is not able to give you a logical and rational reason for the problem, we could probably consider adding 1545096 but without actual testing I wouldn't know how effective it is.
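
A diagnostic for the symptom discussed in this thread (/dev/urandom reads coming back as zeros while entropy_avail still reports entropy), added here as an example and not part of the PR or of Bromite/Chromium code. The function names `read_hex` and `check_random_source`, the return codes and the sample sizes are assumptions of this example.

```shell
#!/bin/sh
# Added diagnostic (not from the PR): sample a random device several times and
# flag the failure described in the thread: all-zero or repeated reads.

# read_hex SRC N: print N bytes read from SRC as one lowercase hex string.
# -v stops od from collapsing repeated lines into "*" (matters for zeros).
read_hex() {
    head -c "$2" "$1" | od -An -v -tx1 | tr -d ' \n'
}

# check_random_source SRC [SAMPLES] [BYTES]
# Returns 0 if every sample is non-zero and unique, 1 if a sample is all
# zero bytes, 2 if a sample repeats, 3 if the read failed or was short.
check_random_source() {
    src=$1; samples=${2:-8}; nbytes=${3:-32}
    seen=""
    i=0
    while [ "$i" -lt "$samples" ]; do
        hex=$(read_hex "$src" "$nbytes") || return 3
        [ "${#hex}" -eq $((nbytes * 2)) ] || return 3
        # Strip every '0' digit; nothing left means the read was all zeros.
        case $(printf '%s' "$hex" | tr -d '0') in
            "") return 1 ;;
        esac
        # Two identical 32-byte reads from a healthy CSPRNG do not happen.
        case " $seen " in
            *" $hex "*) return 2 ;;
        esac
        seen="$seen $hex"
        i=$((i + 1))
    done
    return 0
}

# Report the result next to the kernel's entropy estimate, the two values
# that disagreed in the thread.
rc=0; check_random_source /dev/urandom || rc=$?
avail=$(cat /proc/sys/kernel/random/entropy_avail 2>/dev/null || echo n/a)
echo "urandom check rc=$rc entropy_avail=$avail"
```

Running `check_random_source /dev/zero` exercises the all-zero path without needing a misbehaving device.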

@uazo
Collaborator Author

uazo commented Sep 7, 2022

@csagan5
Contributor

csagan5 commented Sep 27, 2022

> now, although it is not able to give you a logical and rational reason for the problem, we could probably consider adding 1545096 but without actual testing I wouldn't know how effective it is.

No, the random numbers source should not be changed without evidence of a problem. And if it is a problem as you describe it should have an upstream security issue.

> related: https://bugs.chromium.org/p/chromium/issues/detail?id=1360489

This is not related, bounce tracking would work even when removing all site data after page exit.

@uazo
Collaborator Author

uazo commented Sep 28, 2022

> This is not related, bounce tracking would work even when removing all site data after page exit.

well, however, that's what major browsers basically currently do, and it's probably the only thing that can be done without breaking user navigation.

@uazo
Collaborator Author

uazo commented Dec 22, 2022

accidentally I found that the same functionality exists in the desktop version, one more reason to try to bring it to android as well.
