Section 3.3: Browser Security


Overview:

The browser is a powerful tool that victims can use to find resources and information for navigating their unique situations. However, using a browser often leaves a digital footprint that abusers can use to learn sensitive information about a victim or the victim’s previous activity. Abusers can find this information through remote monitoring, but many cases also involve victims needing to keep their information safe from an abuser who shares the same household and has access to their devices.

Terms

Browser

  • An application that lets you access websites through searching the internet. Examples: Google, Mozilla Firefox, Safari

Cookies

  • Files stored on the browser that record information about websites, such as a user’s activity, preferences, and login status.

Extension

  • Add-ons for browsers that add additional functionality to the browser. Examples include ad blockers, dictionaries, and password managers.

Trackers

  • Pieces of software that collect information about a user to create a profile on them, noting their interests and where they spend their time.

Private Browsing

Victims, particularly those who are at risk of further abuse should their abuser find out about their seeking help, should be advised to not leave evidence when searching for abuse prevention resources. Examples of evidence include:

  • Browser History
    • Victims should be taught how to access and delete the browser history on their browser of choice, and told to always ensure that it is deleted.
    • Alternatively, instruct victims to use private browsing sessions (also called “incognito mode”) that do not leave browsing history and cookies.
  • Browser Cookies
    • Even if the record of visiting a website is deleted from the browser history, certain information can still be recorded in the form of cookies that are specific to certain websites. This can indicate to an abuser what websites the victim has accessed at some point.
    • Victims should be taught how to access and delete browser cookies on their browser.
  • Saved Passwords
    • Similar to browser cookies, many browsers have built-in password manager features that will save passwords entered on specific websites.
    • Victims should be advised to not enable password saving, and if already enabled, taught how to remove the functionality for specific sites.
  • Bookmarks
    • Victims should be instructed not to bookmark sites that would spur scrutiny from abusers, and shown how to remove bookmarks.
  • Call History and Text Message Logs

Care should be taken when advising victims on how to delete evidence of their browsing activity; blanket deletions can also arouse suspicion from abusers, as they indicate having something to hide. Victims should be advised to cover their tracks narrowly and only delete activity for sites that their abuser would not want them to access.
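The following added example (not part of the original guide) illustrates why deleting history alone is not enough and what a narrow cleanup looks like. It runs against a constructed, in-memory stand-in for a browser profile; the table layout, the sample sites and the function names are assumptions for illustration, not any real browser's storage format.

```python
import sqlite3

TABLES = ("history", "cookies", "bookmarks")

def build_sample_profile():
    """Constructed stand-in for a browser profile (simplified tables, not a real browser schema)."""
    db = sqlite3.connect(":memory:")
    for t in TABLES:
        db.execute(f"CREATE TABLE {t} (host TEXT, detail TEXT)")
    db.executemany("INSERT INTO history VALUES (?, ?)", [
        ("support.example.org", "/safety-plan"),
        ("news.example.com", "/weather"),
        ("shop.example.net", "/cart"),
    ])
    db.executemany("INSERT INTO cookies VALUES (?, ?)", [
        (".example.org", "session"),   # leading dot: cookie set for the whole domain
        ("news.example.com", "prefs"),
        ("shop.example.net", "cart"),
    ])
    db.execute("INSERT INTO bookmarks VALUES (?, ?)", ("support.example.org", "/"))
    return db

def _matches(host, domain):
    """True if host is the domain itself or one of its subdomains."""
    host = host.lstrip(".").lower()
    return host == domain or host.endswith("." + domain)

def traces(db, domain):
    """Count the rows in each table that still reveal a visit to domain."""
    return {t: sum(_matches(h, domain) for (h,) in db.execute(f"SELECT host FROM {t}"))
            for t in TABLES}

def narrow_delete(db, domain, tables=TABLES):
    """Delete only the rows for domain, leaving all other activity in place."""
    for t in tables:
        hosts = {h for (h,) in db.execute(f"SELECT host FROM {t}") if _matches(h, domain)}
        db.executemany(f"DELETE FROM {t} WHERE host = ?", [(h,) for h in hosts])
    db.commit()

if __name__ == "__main__":
    db = build_sample_profile()
    narrow_delete(db, "example.org", tables=("history",))
    print("after clearing history only:", traces(db, "example.org"))
    narrow_delete(db, "example.org")
    print("after narrow cleanup:", traces(db, "example.org"))
    print("unrelated site untouched:", traces(db, "example.com"))
```

Clearing only the history leaves the cookie and the bookmark behind, while the narrow cleanup removes all three traces for the one site and leaves the rest of the profile looking normal.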


Sensitive Information

Browsers have built-in quality-of-life functionality that records certain information, such as passwords and payment information, so that users can save time when filling out forms. Although these are convenient enhancements for normal users, in the hands of an abuser they can be used as ways to blackmail or control victims. Examples include:

  • Saved Passwords
    • Saved passwords can be used by an abuser to log into a victim’s accounts, offering them a dangerous level of control over the victim’s digital presence or sensitive services. Additionally, browsers will oftentimes store passwords in plaintext in their built-in password managers, allowing abusers to harvest login information, particularly if passwords and usernames are reused across many services. (Example with Google’s password manager)
  • Autopay Services
    • Many browsers will offer autopay services (e.g. Google Pay), which store payment information in the browser. Abusers with access to a browser can then submit said payment information to arbitrary services, giving them a dangerous amount of control over the victim’s finances.
    • Consider advising victims to disable autopay features and/or remove their credit card information from them, if relevant.
  • Browser Accounts
    • Browser accounts often come with suites of services. For example, a Google account on a browser can be linked to a user’s social media accounts, email, and calendar. By simply accessing a victim’s browser with their account still logged in, an abuser can access and control significant amounts of the victim’s data if it is linked to their browser account.
    • Victims should be advised to log out of their accounts when not in use, or forgo them entirely.

Remote Monitoring Prevention

Trackers

  • Trackers are small pieces of software that collect information about you so they can create a profile on you, noting your interests and where you spend your time.
  • Some of these are more obvious, such as likes on a social media website, while others are more discreet and often track the time spent on a website or page.
  • This is done by companies to figure out your exact interests and give you the most personalized ads, with the hope that you are more likely to purchase something you are interested in.
    • Companies are not incentivized to put a large amount of effort into securing this data, since it is easier to minimize the overhead work.
    • This data is not in your control. Rather, it is often sold around the internet so other companies can target you with ads, which increases the number of parties that can see your personal interests and the vectors through which someone may try to steal your information.
  • If this is worrying and you would like to keep your data secure, there are methods to protect yourself that minimize the chances of someone finding more sensitive information about you (such as your location) and compromising your safety.

Extensions

  • Extensions are add-ons that people add to their browser to enhance their browsing experience and to suit the browser to their needs.
    • They may do things like block ads, track passwords, and more.
  • Oftentimes, non-malicious extensions request too many permissions.
    • This increases the attack surface and the amount of data that can be stolen if there is a breach involving that extension.
  • Malicious extensions can be much worse. They may:
    • Request far too many permissions
    • Redirect users to websites that are not trusted or secure
    • Collect your data to sell it to other groups
  • How can you utilize extensions safely?
  • Victims should be advised to monitor their extensions for anything unfamiliar or suspicious, and disable anything that they do not recognize and that is said to be dangerous.
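As an added illustration (not part of the original guide), the sketch below shows how an advocate or technician could check an extension's manifest for permissions broader than its stated purpose needs. The permission names are real WebExtension permissions, but the choice of which ones to flag, the function name and both sample manifests are assumptions constructed for this example.

```python
import json

# Permissions that expose browsing activity; which ones to flag is a judgement call.
SENSITIVE = {
    "history": "can read browsing history",
    "tabs": "can see the address and title of open tabs",
    "cookies": "can read and change cookies",
    "webRequest": "can observe network requests",
    "clipboardRead": "can read the clipboard",
}
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def audit_manifest(manifest_text):
    """Return {permission: reason} for every broad or sensitive permission requested."""
    manifest = json.loads(manifest_text)
    requested = list(manifest.get("permissions", []))
    requested += manifest.get("host_permissions", [])       # Manifest V3 host access
    for script in manifest.get("content_scripts", []):      # pages the extension injects into
        requested += script.get("matches", [])
    findings = {}
    for perm in requested:
        if perm in BROAD_HOSTS:
            findings[perm] = "can act on every website"
        elif perm in SENSITIVE:
            findings[perm] = SENSITIVE[perm]
    return findings

# Constructed sample manifests (not taken from any real extension).
DICTIONARY_MANIFEST = json.dumps({
    "name": "Word Lookup", "manifest_version": 3,
    "permissions": ["storage", "activeTab"],
})
COUPON_MANIFEST = json.dumps({
    "name": "Coupon Helper", "manifest_version": 3,
    "permissions": ["storage", "history", "cookies"],
    "host_permissions": ["<all_urls>"],
    "content_scripts": [{"matches": ["<all_urls>"], "js": ["inject.js"]}],
})

if __name__ == "__main__":
    for label, text in (("Word Lookup", DICTIONARY_MANIFEST),
                        ("Coupon Helper", COUPON_MANIFEST)):
        findings = audit_manifest(text)
        print(label, "->", findings or "nothing flagged")
```

A flagged permission is a prompt to ask whether the extension's purpose justifies it, not proof that the extension is malicious.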

What are cookies?

  • Cookies are text files that store information about you when you visit a site.
  • An example of this is Amazon remembering your shopping cart when you leave the site and come back, so that your progress isn’t lost when you leave.
  • There are two types of cookie usage, first party and third party.
    • First party cookies are created and used by the website you are currently using. You likely gave them permission to store cookies, and the cookies are often used to better the user experience, as with the Amazon cart example.
    • Third party cookies are created and used by other sites, which share the information they gathered on you with the site you are currently on, so that site may give you incredibly targeted advertising despite having very little information on you.
  • Third party cookies specifically are a source of controversy, raising concerns about the implications of your data being stored without your consent and used across the internet, with targeted ad profiles being sold for companies to make more money at your expense.
  • Despite it not being best practice, some companies with insecure practices may store things like passwords in human-readable plain text on cookies, which poses a security issue if those cookies were to be intercepted.

If you are in immediate physical danger, call 911!