A threat to the anonymity of whistleblowers, dissidents and other privacy-reliant web users has surfaced in the form of a new app. Created by computer scientists from the U.S.-based Worcester Polytechnic Institute, the application renders all forms of network encryption useless by using computer hardware readings to detect the websites visited by users’ browsers.
According to a publication that outlines the specifics of the new development, this app can be a threat to the online anonymity of everyone—regardless of how well-encrypted their network is.
It does so by monitoring computer hardware usage, particularly within the device’s processor, then using this information to speculate with alarming accuracy the sites visited on that computer.
The potential comprise of online anonymity is said to be significant, especially when it comes to flagging whistleblower websites.
Anonymity Can Be Violated Via Hardware Performance Events
According to the abstract of the paper, this seemingly innocuous app circumvents all types of privacy and anonymity measures to reveal the computer’s browser history.
It does this without intercepting traffic from the computer’s network. Instead, the malicious application is capable of revealing the websites a computer has visited by exploiting its Hardware Performance Events (HPEs).
Aided by cutting-edge Machine Learning techniques such as Decision Trees, Support Vector Machines, and k-th Nearest Neighbors, the application is capable of analyzing what is known as the micro-architectural footprints of installed browsers in order to determine which websites they have accessed.
The detection system is reliant on a database that currently consists of 30 Alexa sites and 10 whistleblowing portals designed to protect anonymity. For the purposes of accuracy, the paper says, the websites have been profiled on separate Intel and ARM processors and classified after as little as five seconds of monitoring cache accesses, bus cycles and retired instructions.
Initial tests showed that the system could detect the profiled websites high level of success.
The paper concludes on a pro-anonymity note, proposing ways to prevent this app from compromising a user’s online privacy without disrupting the HPEs.
High Success Rate a Threat to Online Anonymity
Even when the computer user masks their traffic by using the Tor browser, a popular anonymity tool, the app is still able to decipher the websites visited by matching the processor’s usage with the database in the profiled site.
What’s an even bigger threat to anonymity is that the app can be deployed to run silently in the background, therefore raising no suspicion whatsoever.
The app’s background processes form an algorithm using the data it collects from monitoring HPEs, which they then use to parse the browsing history data and create site predictions with a success rate of up to 86.3 percent.
Test runs show that the system was able to detect popular websites such as Amazon. The high accuracy of these predictions remained, even when it was tested on Chrome browsers that had the incognito browsing feature activated.
However, the accuracy of its predictions dipped when it was tested on computers using the Tor anonymity browser.
Developed for Linux
Apparently, the fact that the Worcester Institute scientists have developed the app to work in Linux-based operating systems should ease the worries of every person who treasures their online anonymity.
Even if it falls into the wrong hands, the app cannot be used to violate the anonymity of people using Windows-based or Mac computers, which are the two most popular operating systems.
However, experts cannot brush away the possibility that a similar app could be developed for iOS devices although that could be a long way off.
Practicing Caution to Preserve Online Anonymity
As with most breaches of privacy, the weakest link is often the person using the computer. Experts have advised people to practice caution when installing new applications, since the anti-anonymity app can be hosted as a worm on a downloaded file.