Skip to content
This repository was archived by the owner on Nov 7, 2024. It is now read-only.
This repository was archived by the owner on Nov 7, 2024. It is now read-only.

Address cross-device correlation #40

Description

@jyasskin

Roughly:

Sites can't tell that a single user is visiting on two different devices until the user enters sufficiently-identifying information into the site on both devices independently or otherwise expresses a desire to sign into the same account on both devices.

The ideal threat model would prevent cross-device correlation until the user intentionally signs into a single account on both devices, but it seems impossible for a browser to prevent users from, say, typing a credit card number or home address into the site on each device, which doesn't express the user's intent to share an account, but does let the site guess it's the same or a closely-related user.

I think the only practical effect is to ban browsers from sync'ing storage across devices without per-site user intent (?), but that's still worth writing down.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions