Demystifying content-blockers: A large scale study of actual performance gains

With the evolution of the online advertisement and tracking ecosystem, content-filtering has become the reference tool for improving the security, privacy and browsing experience when surfing the Internet. It is also commonly believed that using content-blockers to stop unsolicited content decreases the time needed for loading websites. In this work, we perform a large scale study with the 100K most popular websites on the actual performance improvements of using content-blockers. We focus our study in the two most relevant metrics for user experience; bandwidth and latency. Our results show that using such tools results in small improvements in terms of bandwidth usage but, contrary to popular belief, it has a negligible impact in terms of loading time. We also find that, in the case of small and fast loading websites, the use of content-blockers can even result in increased browsing latency

Demystifying content-blockers: Measuring their impact on performance and quality of experience

With the evolution of the online advertisement and tracking ecosystem, content-blockers have become the reference tool for improving the security, privacy and browsing experience when surfing the Internet. It is also commonly believed that using content-blockers to stop unsolicited content decreases the time needed for loading websites. In this work, we perform a large-scale study on the actual improvements of using content-blockers in terms of performance and quality of experience. For measuring it, we analyze the page size and loading times of the 100K most popular websites, as well as the most relevant QoE metrics, such as the Speed Index, Time to Interactive or the Cumulative Layout Shift, for the subset of the top 10K of them. Our experiments show that using content-blockers results in small improvements in terms of performance. However, contrary to popular belief, this has a negligible impact in terms of loading time and quality of experience. Moreover, in the case of small and lightweight websites, the overhead introduced by content-blockers can even result in decreased performance. Finally, we evaluate the improvement in terms of QoE based on the Mean Opinion Score (MOS) and find that two of the three studied content-blockers present an overall decrease between 3% and 5% instead of the expected improvement.This publication is part of the Spanish I+D+i project TRAINER-A (ref. PID2020-118011GB-C21), funded by MCIN/ AEI/10.13039/501100011033.Peer ReviewedPostprint (author's final draft

Enhancing System Transparency, Trust, and Privacy with Internet Measurement

While on the Internet, users participate in many systems designed to protect their information’s security. Protection of the user’s information can depend on several technical properties, including transparency, trust, and privacy. Preserving these properties is challenging due to the scale and distributed nature of the Internet; no single actor has control over these features. Instead, the systems are designed to provide them, even in the face of attackers. However, it is possible to utilize Internet measurement to better defend transparency, trust, and privacy. Internet measurement allows observation of many behaviors of distributed, Internet-connected systems. These new observations can be used to better defend the system they measure. In this dissertation, I explore four contexts in which Internet measurement can be used to the aid of end-users in Internet-centric, adversarial settings. First, I improve transparency into Internet censorship practices by developing new Internet measurement techniques. Then, I use Internet measurement to enable the deployment of end-to-middle censorship circumvention techniques to a half-million users. Next, I evaluate transparency and improve trust in the Web public-key infrastructure by combining Internet measurement techniques and using them to augment core components of the Web public-key infrastructure. Finally, I evaluate browser extensions that provide privacy to users on the web, providing insight for designers and simple recommendations for end-users. By focusing on end-user concerns in widely deployed systems critical to end-user security and privacy, Internet measurement enables improvements to transparency, trust, and privacy.PHDComputer Science & EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttp://deepblue.lib.umich.edu/bitstream/2027.42/163199/1/benvds_1.pd

AdSplit: Separating smartphone advertising from applications

A wide variety of smartphone applications today rely on third-party advertising services, which provide libraries that are linked into the hosting application. This situation is undesirable for both the application author and the advertiser. Advertising libraries require additional permissions, resulting in additional permission requests to users. Likewise, a malicious application could simulate the behavior of the advertising library, forging the user's interaction and effectively stealing money from the advertiser. This paper describes AdSplit, where we extended Android to allow an application and its advertising to run as separate processes, under separate user-ids, eliminating the need for applications to request permissions on behalf of their advertising libraries. We also leverage mechanisms from Quire to allow the remote server to validate the authenticity of client-side behavior. In this paper, we quantify the degree of permission bloat caused by advertising, with a study of thousands of downloaded apps. AdSplit automatically recompiles apps to extract their ad services, and we measure minimal runtime overhead. We also observe that most ad libraries just embed an HTML widget within and describe how AdSplit can be designed with this in mind to avoid any need for ads to have native code

How Can and Would People Protect From Online Tracking?

Online tracking is complex and users find itchallenging to protect themselves from it. While the aca-demic community has extensively studied systems andusers for tracking practices, the link between the dataprotection regulations, websites’ practices of presentingprivacy-enhancing technologies (PETs), and how userslearn about PETs and practice them is not clear. Thispaper takes a multidimensional approach to find such alink. We conduct a study to evaluate the 100 top EUwebsites, where we find that information about PETsis provided far beyond the cookie notice. We also findthat opting-out from privacy settings is not as easy asopting-in and becomes even more difficult (if not impos-sible) when the user decides to opt-out of previously ac-cepted privacy settings. In addition, we conduct an on-line survey with 614 participants across three countries(UK, France, Germany) to gain a broad understand-ing of users’ tracking protection practices. We find thatusers mostly learn about PETs for tracking protectionvia their own research or with the help of family andfriends. We find a disparity between what websites offeras tracking protection and the ways individuals reportto do so. Observing such a disparity sheds light on whycurrent policies and practices are ineffective in support-ing the use of PETs by users

Online advertisement blocker detection: a look at the state of the art for counter-detection and a proof-of-concept for new approaches

Treballs Finals de Grau d'Enginyeria Informàtica, Facultat de Matemàtiques, Universitat de Barcelona, Any: 2017, Director: Lluís Garrido OstermannIn the last years, there has been a surge in the usage of ad-blocking software among Internet users, mainly motivated by intrusive advertisements and rising awareness of the privacy and security implications of advertisements. As a response, many websites have started implementing ad-blocker detection scripts, which detect whether or not an user has an ad-blocking software. In this work, we study the implications and technical underpinnings of those scripts and document relatively simple workarounds ad-blocking software could implement to avoid detection by those scripts. We also present a prototype implementing the explained techniques over a set of test cases

Web Tracking - A Literature Review on the State of Research

Web tracking seems to become ubiquitous in online business and leads to increased privacy concerns of users. This paper provides an overview over the current state of the art of web-tracking research, aiming to reveal the relevance and methodologies of this research area and creates a foundation for future work. In particular, this study addresses the following research questions: What methods are followed? What results have been achieved so far? What are potential future research areas? For these goals, a structured literature review based upon an established methodological framework is conducted. The identified articles are investigated with respect to the applied research methodologies and the aspects of web tracking they emphasize