The extent to which a network request is distinctive is how much information it might leak out of the system.

· Bits and Bobs 2/18/25
  • The extent to which a network request is distinctive is how much information it might leak out of the system.
    • Imagine a system where many thousands of users' activity is all pooled.
    • When a network request leaves that system, external observers can't tell which user initiated it.
    • But even seemingly innocuous network requests might leak arbitrary information.
    • Imagine a nefarious agent said "When you reach out to this seemingly innocuous but rare URL I control, I'll take that as the bat signal that [specific situation] about [specific user] has happened, and initiate the attack on them."
    • A nefarious agent could make millions of special canary URLs that could lead to arbitrary information leakage as long as they created a ton of them ahead of time.
    • As the operator of this system, how can you verify that this isn't happening?
    • The answer comes down to the distinctiveness of the request.
    • If that precise network request (including all of its parameters) has happened across thousands of users recently, then no new information leaks out.
      • "Someone somewhere is looking for weather in Berkeley" doesn't really leak much.
    • The system needs to keep track of how distinctive network requests are, how much they "stand out" to determine how possibly identifying they could be.