I am the senior privacy researcher at Brave Software,
where I work on new ways to improve privacy and security on the web,
and to measure the risk of new threats to Brave browser users.
I am the senior privacy researcher at Brave Software,
where I work on new ways to improve privacy and security on the Web,
and to fix new threats to Brave browser users.
I work under Ben Livshits,
Brendan Eich and alongside
a wonderful team of researchers, engineers and privacy experts.
I also co-chair PING,
the group in the W3C
that reviews spec proposals for privacy risks and concerns.
Before joining Brave, I worked on my PhD in the Computer Science department
at the University of Illinois at Chicago in the BITS Lab,
working under the kind and knowledgable guidance of Chris Kanich.
I research web security and privacy, including browser hardening techniques and
measuring how the growth of the Web API has impacted user privacy and security.
I use this research to build access control systems for browser functionally
and tools for deploying web applications that provide stronger
privacy and security guarantees for users.
-
Google and the Age of Privacy Theater
Wired
Mar 18, 2021
news
-
What's Up with the Apple App Store's Privacy Changes?
TheMarkup
Mar 16, 2021
news
-
How Apple, Google, and other browser makers are quietly duking it out over the future of the web
Business Insider
Dec 22, 2020
news
-
Google Chrome's crackdown on ad blockers and browser extensions, Manifest v3, is now available in beta
The Register
Dec 10, 2020
news
-
The digital switch that blocks all websites from selling your personal data
DigitalTrends
Nov 23, 2020
news
-
I Scanned the Websites I Visit with Blacklight, and It’s Horrifying. Now What?
TheMarkup
Sep 22, 2020
news
-
Google Is Working On A New Web Standard Called WebBundles Which Is Dangerous To The Privacy Of Internet Users, Security Researchers Warned
Digital Information World
Sep 01, 2020
news
-
Brave Takes Brave Stand Against Google's Plan to Turn Websites into Ad-Blocker-Thwarting Web Bundles
The Register
Aug 27, 2020
news
-
Google’s New Web Standard Could Disable Your Ad-Blocker
TechRadar
Aug 27, 2020
news
-
The Battle for Your Privacy on the Web With Pete Snyder
Software Sessions
Aug 12, 2020
podcast
-
Google's Plan for Chrome Capability has a Big Security Risk
C|Net
Jul 29, 2020
news
-
Aggrieved Ad Tech Types Decry Google Dominance in W3C Standards – Who Writes the Rules and for Whom?
The Register
Jul 17, 2020
news
-
FYI: Your Browser can pick up Ultrasonic Signals You Can't Hear, and That Sounds Like a Privacy Nightmare to Some
The Register
May 07, 2020
news
-
What the FLoC? Browser makers queue up to decry Google's latest ad-targeting initiative as invasive tracking
The Register
Apr 14, 2020
news
-
Google Chrome 80 Released With Controversial Deep Linking Upgrade
Forbes
Feb 23, 2020
news
-
Chrome Deploys Deep-Linking Tech in Latest Browser Build Despite Privacy Concerns
The Register
Feb 20, 2020
news
-
Google's Second Stab at Preserving Both Privacy and Ad Revenue Draws Fire
The Register
Feb 10, 2020
news
-
If You Want an Example of How User Concerns do not Drive Software Development, Check Out This Google-backed API
The Register
Dec 06, 2019
news
-
Protecting Your Online Privacy
Science Friday
Dec 01, 2017
radio
-
Why People Ruin Others’ Lives by Exposing All Their Data Online
NewScientist
Nov 13, 2017
news
-
First Large-Scale Doxing Study Reveals Motivations and Targets for Cyber Bullying
ScienceDaily
Nov 07, 2017
news
-
Gotta Have Standards? Security Boffins not API about Bloated Browsers
The Register
Oct 24, 2017
news
-
Privacy on the Modern Web
The Provocateur
Jul 31, 2017
podcast
-
Global Privacy Control, a new Privacy Standard Proposal, now Available in Brave’s Desktop and Android Testing Versions
- Peter Snyder
- Anton Lazarev
Brave Blog
Oct 07, 2020
-
WebBundles Harmful to Content Blocking, Security Tools, and the Open Web (Standards Updates #2)
- Peter Snyder
Brave Blog
Aug 25, 2020
-
What’s Brave Done For My Privacy Lately #5: Grab Bag
- François Marier
- Pranjal Jumde
- Ivan Efremov
- Peter Snyder
Brave Blog
Jul 20, 2020
-
What’s Brave Done For My Privacy Lately? Episode #4: Fingerprinting Defenses 2.0
- Peter Snyder
- Brian Johnson
- Ben Livshits
Brave Blog
May 18, 2020
-
What’s Brave Done For My Privacy Lately? Episode #3: Fingerprint Randomization
- Mark Pilgrim
- Peter Snyder
- Ben Livshits
Brave Blog
May 05, 2020
-
What’s Brave Done For My Privacy Lately? Episode #2: Third-Party Cosmetic Filtering
- Anton Lazarev
- Andrius Aucinas
- Peter Snyder
- Pete Miller
Brave Blog
Feb 20, 2020
-
What’s Brave Done For My Privacy Lately-Episode #1: Web Resource Replacements
- Anton Lazarev
- Andrius Aucinas
- Brian Bondy
- Peter Snyder
Brave Blog
Jan 23, 2020
-
Brave, Fingerprinting, and Privacy Budgets
- Peter Snyder
- Ben Livshits
Brave Blog
Dec 06, 2019
-
Privacy Anti-Patterns In Standards
- Peter Snyder
W3C Blog
Jun 12, 2019
-
Brave's Concerns with the Client-Hints Proposal
- Peter Snyder
- Pranjal Jumde
- Tom Lowenthal
- Brian Clifton
Brave Blog
May 09, 2019
-
Understanding Redirection-Based Tracking
- Peter Snyder
- Ben Livshits
Brave Blog
Aug 12, 2018
-
The Mounting Cost of Stale Ad Blocking Rules
- Antoine Vastel
- Peter Snyder
- Ben Livshits
Brave Blog
Jul 18, 2018
-
Instructor for Software Design – UIC CS342
2017
-
TA for Computer Networks – UIC CS450
2017,
2015
-
Best-of-Breed
Content Blocking in Brave: Three Projects to Improve the Depth, Breath, and Usefulness of Blocking
at Scale
invited talk
MADWeb
2020
-
Brave, Fingerprinting, and Privacy on the Web
invited talk
CS253 - Web Security course at Stanford
2019
-
Privacy, Standards and Anti-Patterns
invited talk
PEARG
at IETF
2019
-
Brave, Privacy and Standards
invited talk
WWW, W3C Track
2019
-
Web Privacy Beyond Extensions: New Browsers Are Pursuing Deep Privacy Protections
conference talk
USENIX Enigma
2019
-
Browser Feature Usage on the Modern Web
invited talk
UIC SIG Security
2017
-
Carnival of Privacy and Security Delights
conference presentation
- Jason Archer
- Nathanael Bassett
- Peter Snyder
AoIR
2016
-
Doxing and the Dark Web: Detecting, Measuring and Addressing Malicious Information Disclosures Online
invited talk
Homewood-Flossmoor Science Pub
2016
-
No Please, After You: Detecting Fraud in Affiliate Marketing Networks
invited talk
Department of Information Engineering at the CUHK,
hosted by Prof. Zhang Kehuan 張克環教授
2015
-
No Please, After You: Detecting Fraud in Affiliate Marketing Networks
invited talk
DePaul University's Security Daemon's group
2015
-
One Thing Leads to Another: Credential Based Privilege Escalation
poster
CODASPY
2015
-
Serving Two Masters: An Empirical Study of Browser API Cooptation
Student Knowledge Exchange at Notre Dame
2015
-
Cloudsweeper:
Enabling Data-Centric Document Management for Secure Cloud Archives
poster
GCASR
2014
-
Surveillance Defense: Small Easy Steps for Security and Privacy
invited talk
The Media Consortium
2014
-
PageGraph
PageGraph is an under-development, research effort to instrument Brave, blink and v8, to allow
for complete attribution of document modifications, network requests, script execution, and privacy-relevant
Web API accesses.
-
Fingerprinting Protection Improvements in Brave Browser
Improved the technique used to block fingerprinting related Web API methods
to reduce the impact on non-fingerprinting related code, and expanded the set
of blocked Web API methods to cover five more, previously allowed, methods used for
fingerprinting users.
-
Web API Manager Browser Extension
WebExtension, cross-browser extension that allows users to improve their privacy and security
online by controlling what browser functionality web hosts have access to. Web API functionality access controls can be
defined in general, or on a per host level, and can allow, for example, only trusted hosts to have access to privacy-risky
browser functionality like high resolution timers, WebGL and WebRTC.
-
Cloudsweeper
Webservice tool to measure and mitigate the frequency of plaintext password sharing in Gmail
archives. The public tool allows users to redact or encrypt-in-place found passwords. The site has had over 2,500
users and has secured over 38,000 messages
-
CDF: Abstractions for
Security Guarantees in Interactive Web Applications
Built client and server-side tools for implementing CDF, a document format for building dynamic,
interactive web applications that provide increased security and privacy guarantees for users of
commodity
web browsers.
-
Machine
Learning for Automatic 8bit Song Generation
Library to write original NES chip-style soundtracks using a corpus of 39 classic NES games and
machine learning.
-
Objective-C Dijkstra implementation
Library to perform Dijkstra in Objective-C (for iOS and OSX).
-
FormBug
A Firefox extension to make dealing and developing form based applications easier. I just
maintain it now, but wrote it back when I was doing web development work.