A bug introduced in July 2024 allows websites to bypass Brave's audio fingerprinting protection when using Web Audio AnalyserNode methods. The BraveAudioFarblingHelper is only initialized when AudioBuffer methods (getChannelData or copyFromChannel) are called, but AnalyserNode methods require this helper for farbling. As a result, AnalyserNode data accessed before any AudioBuffer calls remains unfarbled and fingerprintable across sessions and domains, reducing user privacy.
Description
Fix a code path in our audio farbling where audio is not being farbled. See https://hackerone.com/reports/2846851
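The ordering dependency described above, as an added example: a simplified Node.js model with a regression check, not Brave's or Chromium's code. The class, the function names, the scaling-based farbling and the `eagerInit` fix are assumptions made for illustration; the page does not describe the actual patch.

```javascript
// Simplified model of a lazily created farbling helper. All names are hypothetical.

// Stand-in for per-session farbling: scale samples by a session-derived factor.
function makeHelper(sessionSeed) {
  const factor = 1 - (sessionSeed % 1000) / 1e6; // constructed fudge factor
  return { farble: (samples) => samples.map((s) => s * factor) };
}

class AudioContextModel {
  constructor(sessionSeed, { eagerInit }) {
    this.sessionSeed = sessionSeed;
    this.raw = [0.25, -0.5, 0.75, -1.0]; // constructed sample data
    // Assumed fix: the helper exists before any read path can run.
    this.helper = eagerInit ? makeHelper(sessionSeed) : null;
  }

  // AudioBuffer read path: the only place the buggy model creates the helper.
  getChannelData() {
    if (!this.helper) this.helper = makeHelper(this.sessionSeed);
    return this.helper.farble(this.raw);
  }

  // AnalyserNode read path: needs the helper but never creates it.
  getFloatTimeDomainData() {
    return this.helper ? this.helper.farble(this.raw) : this.raw.slice();
  }
}

// True when two sessions produce identical analyser output, i.e. the value
// is stable across sessions and therefore usable as a fingerprint.
function sameAnalyserOutput(a, b) {
  const x = a.getFloatTimeDomainData();
  const y = b.getFloatTimeDomainData();
  return x.every((v, i) => v === y[i]);
}

// Regression check: read the analyser FIRST, before any AudioBuffer call.
function analyserFirstLeaks(eagerInit) {
  return sameAnalyserOutput(new AudioContextModel(101, { eagerInit }),
                            new AudioContextModel(202, { eagerInit }));
}

// Control: the buggy model looks fine once an AudioBuffer read has happened,
// which is why a test that touches AudioBuffer first misses the bug.
function analyserAfterBufferLeaks() {
  const a = new AudioContextModel(101, { eagerInit: false });
  const b = new AudioContextModel(202, { eagerInit: false });
  a.getChannelData();
  b.getChannelData();
  return sameAnalyserOutput(a, b);
}
```

A farbling test suite needs a case that calls the AnalyserNode methods in a fresh context with no prior AudioBuffer access, since only that ordering exposes the unfarbled path.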
Reproduces how often
Easily reproduced
Desktop Brave version (brave://version info)
Desktop Linux: Brave 1.73.89 Chromium 131.0.6778.69 (Ubuntu 22.04.5 LTS)
Android: Brave 1.73.89 Chromium 131.0.6778.69 (Android 14)