TLS Session Resumption Tracking Vulnerability

A Former User

A Former User last edited by

According to recently published research, TLS Session Resumption can be abused to track browser (Opera and many others) across web sites.

https://www.zdnet.com/article/advertisers-can-track-users-across-the-internet-via-tls-session-resumption/#ftag=RSSbaffb68

https://svs.informatik.uni-hamburg.de/publications/2018/2018-12-06-Sy-ACSAC-Tracking_Users_across_the_Web_via_TLS_Session_Resumption.pdf

How can Opera users configure TLS Session resumption to the recommended 10 minute threshold?

I've searched FAQs, can find nothing. Also nothing in the config setting of Opera itself.

Thanks very much.

leocg

leocg Moderator Volunteer @Guest last edited by

They can't.

A Former User

A Former User @leocg last edited by

OK -- will the ability to tune TLS to user preferences be added?

leocg

leocg Moderator Volunteer @Guest last edited by

I guess it may depend on Chromium but I don't see Opera doing it.