February 26, 2018 // 10:43 a.m.
Researchers at the Massachusetts Institute of Technology (MIT) have announced the development of a new private browsing system, dubbed Veil, which is claimed to offer significant privacy improvements over current implementations.
Available in the majority of modern browsers, Private Browsing - also known as Icognito Mode - is designed to provide protections against tracking and snooping. In all cases, a Private Browsing window prevents your browsing history from being stored; in many browsers, additional measures are enabled such as stronger protections against web tracking technologies. These, a team of MIT researchers claim, don't go far enough - but they believe that Veil is the solution.
'Veil was motivated by all this research that was done previously in the security community that said "private-browsing modes are leaky - here are 10 different ways that they leak,"' explains Frank Wang, MIT graduate student in electrical engineering and computer science and the first author named on the paper. 'We asked "what is the fundamental problem?" The fundamental problem is that [the browser] collects this information, and then the browser does its best effort to fix it. But at the end of the day, no matter what the browser’s best effort is, it still collects it. We might as well not collect that information in the first place.'
Rather than the current method of collecting and tracking browsing data as normal then erasing it when the window or tab is closed, Veil keeps data in memory encrypted right up to the point it is displayed on screen. The secret sauce is a 'blinding server,' a proxy which retrieves the requested content and encrypts it before transmission to the browser.
To protect the data further post-decryption, the team's technology adds a few more tricks. Additional code is added to the page prior to encryption in such a way that the underlying file is dramatically modified yet the page renders identically to the user, a move which the team claims makes it significantly more difficult to identify a page should you capture a small snippet from the system's memory. An alternative mode offers still more protection, transmitting only an image of the requested site - but one on which users can click, sending a request to the blinding server for the link to be activated and a new picture sent.
The primary drawback of the proposed system is that the onus is on webmasters to create and maintain a Veil-compatible version of their website and load it onto a blinding server, though the team points to a utility for automatic conversion of existing sites as significantly simplifying the process. The blinding servers themselves, meanwhile, need maintenance - something the team claims could be taken on by a network of volunteers or a for-profit company. For users, though, there's one significant advantage: the Veil technology is server-side, with the decryption code provided within the Veil content itself, meaning it operates in any browser without requiring a specific Veil-compatible browser or extension to be installed.
The paper, entitled Veil: Private Browsing Semantics Without Browser-side Assistance, can be read in full on Frank Wang's website (PDF warning).