Escaping the Privacy Sandbox with Client Side Deanonymization Attacks
Eugene Lim
DEF CON 33 (backfill) · Day 1 · Main Stage
In this insightful DEF CON talk, Eugene Lim, also known as Space Raccoon, delved into the intricacies of Google's **Privacy Sandbox** and exposed critical client-side deanonymization vulnerabilities within its **Attribution Reporting API**. While Google positions the Privacy Sandbox as a privacy-preserving alternative to third-party cookies, Lim's research demonstrates that its complex design and attempts to satisfy conflicting interests of advertisers and privacy advocates have introduced significant security flaws. The talk served as a deeper dive into findings previously presented on the main stage, offering granular technical details and a behind-the-scenes look at the research process.
AI review
Lim found real, novel bugs in a live, widely-deployed API that Google spent years telling the world was private — including a cross-site leak that punches straight through Referrer-Policy and a boolean oracle built on an undocumented rate limit that nobody else noticed. Both attacks required original investigation, not just reading a spec. Minor caveat: the oracle's practical exploitation path at scale has some handwaving, and no live demo means you take some of the claim on faith.