DOCSLIB.ORG

Fp-Scanner: the Privacy Implications of Browser Fingerprint Inconsistencies Antoine Vastel, Univ

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Fp-Scanner: the Privacy Implications of Browser Fingerprint Inconsistencies Antoine Vastel, Univ Fp-Scanner: The Privacy Implications of Browser Fingerprint Inconsistencies Antoine Vastel, Univ. Lille / Inria / Inria; Pierre Laperdrix, Stony Brook University; Walter Rudametkin, Univ. Lille / Inria / Inria; Romain Rouvoy, Univ. Lille / Inria / IUF https://www.usenix.org/conference/usenixsecurity18/presentation/vastel This paper is included in the Proceedings of the 27th USENIX Security Symposium. August 15–17, 2018 • Baltimore, MD, USA ISBN 978-1-939133-04-5 Open access to the Proceedings of the 27th USENIX Security Symposium is sponsored by USENIX. FP-Scanner: The Privacy Implications of Browser Fingerprint Inconsistencies Antoine Vastel Pierre Laperdrix Univ. Lille / Inria Stony Brook University [email protected] [email protected] Walter Rudametkin Romain Rouvoy Univ. Lille / Inria Univ. Lille / Inria / IUF [email protected] [email protected] Abstract In 2010, Eckerlsey [3] revealed a stateless track- ing technique that can complement traditional stateful By exploiting the diversity of device and browser con- tracking: browser fingerprinting. This technique com- figurations, browser fingerprinting established itself as a bines several non-Personally Identifiable Information viable technique to enable stateless user tracking in pro- (PII) made available as browser attributes and reveal the duction. Companies and academic communities have re- nature of the user device. These attributes are disclosed sponded with a wide range of countermeasures. How- by querying a rich diversity of JavaScript APIs, and by ever, the way these countermeasures are evaluated does analyzing HTTP headers sent by the browser. By col- not properly assess their impact on user privacy, in par- lecting browser fingerprints composed of 8 attributes, he ticular regarding the quantity of information they may demonstrated that 83:6% of the visitors of the PANOP- indirectly leak by revealing their presence. TICLICK website could be uniquely identified. In this paper, we investigate the current state of the Since browser fingerprinting is stateless, it is difficult art of browser fingerprinting countermeasures to study for end-users to opt-out or block, and raises several pri- the inconsistencies they may introduce in altered finger- vacy concerns, in particular when it comes to undesired prints, and how this may impact user privacy. To do so, advertising and profiling. In response to these concerns, we introduce FP-SCANNER as a new test suite that ex- researchers have developed countermeasures to protect plores browser fingerprint inconsistencies to detect po- against browser fingerprinting [10, 11, 15, 20]. Most of tential alterations, and we show that we are capable of the countermeasures rely on modifying the fingerprint’s detecting countermeasures from the inconsistencies they attributes to hide their true identity. Nonetheless, this introduce. Beyond spotting altered browser fingerprints, strategy tends to generate inconsistent combinations of we demonstrate that FP-SCANNER can also reveal the attributes called inconsistencies, which are used by com- original value of altered fingerprint attributes, such as the mercial fingerprinters, like AUGUR1, or open source li- browser or the operating system. We believe that this re- braries, such as FINGERPRINTJS2 [21], to detect coun- sult can be exploited by fingerprinters to more accurately termeasures. target browsers with countermeasures. In this paper, we extend the work of Niki- forakis et al. [16], which focused on revealing inconsis- 1 Introduction tencies to detect user agent spoofers, to consider a much wider range of browser fingerprinting countermeasures. Recent studies have shown that user tracking keeps in- To do so, we introduce FP-SCANNER, a fingerprint scan- creasing among popular websites [2, 4, 23], with mo- ner that explores fingerprint attribute inconsistencies in- tivations ranging from targeted advertising to content troduced by state-of-the-art countermeasures in order to personalization or security improvements. State-of-the- detect if a given fingerprint is genuine or not. In partic- art tracking techniques assign a Unique User IDentifier ular, we show that none of the existing countermeasures (UUID), which is stored locally—either as a cookie or succeed in lying consistently without being detected and some other storage mechanism (e.g., local storage, E- that it is even possible to recover the ground value of key tags). Nonetheless, to protect users, private browsing attributes, such as the OS or the browser. Then, we dis- modes and extensions automatically delete cookies and cuss how using detectable countermeasures may impact clear storages at the end of a session, decreasing the effi- user privacy, in particular how fingerprinters can leverage ciency of the standard tracking techniques. this information to improve their tracking algorithms. USENIX Association 27th USENIX Security Symposium 135 In summary, this paper reports on 5 contributions to considering JavaScript-related attributes. With the ap- better evaluate the privacy impact of browser fingerprint- pearance of new JavaScript APIs, Mowery et al. [14] ing countermeasures: 1) we review the state-of-the-art showed how the HTML 5 canvas API could be used to browser fingerprinting countermeasures, 2) we propose generate a 2D image whose exact rendering depends on an approach that leverages the notion of consistency to the device. In 2016, Laperdrix et al. [12] studied the detect if a fingerprint has been altered, 3) we implement diversity of fingerprint attributes, both on desktop and a fingerprinting script and an inconsistency scanner ca- mobile devices, and showed that even if attributes, like pable of detecting altered fingerprints at runtime, 4) we the list of plugins or the list of fonts obtained through run extensive experiments to detect how fingerprinting Flash, exhibit high entropy, new attributes like canvas countermeasures can be detected using our inconsistency are also highly discriminating. They also discovered scanner, and 5) we discuss the impact of our findings on that, even though many mobile devices, such as iPhones, user privacy. are standardized, other devices disclose a lot of informa- The remainder of this paper is organized as follows. tion about their nature through their user agent. More Section 2 overviews the state of the art in the domain of recently, Gomez-Boix´ et al. [8] analyzed the impact of browser fingerprinting before exploring existing browser browser fingerprinting at a large scale. Their findings fingerprinting countermeasures. Then, Section 3 intro- raise some new questions on the effectiveness of finger- duces a new test suite to detect altered browser finger- printing as a tracking and identification technique as only prints. Section 4 reports on an empirical evaluation of 33.6% of more than two million fingerprints they ana- our contribution and Section 5 discusses the impact on lyzed were unique. user privacy, as well as the threats to validity. Finally, we Besides fingerprint uniqueness, which is critical for conclude and present some perspectives in Section 6. tracking, stability is also required, as browser finger- prints continuously evolve with browser and system up- dates. Eckersley [3] was the first to propose a sim- 2 Background & Motivations ple heuristic to link evolutions of fingerprints over time. More recently, Vastel et al. [22] showed that, using a set Before addressing the consistency properties of finger- of rules combined with machine learning, it was possible print attributes (cf. Section 2.3), we introduce the princi- to keep track of fingerprint evolutions over long periods ples of browser fingerprint (cf. Section 2.1) and existing of time. countermeasures in this domain (cf. Section 2.2). Browser Fingerprinting Adoption. Several studies 2.1 Browser Fingerprinting in a Nutshell using Alexa top-ranked websites have shown a steady growth in the adoption of browser fingerprinting tech- Browser fingerprinting provides the ability to identify niques [1, 2, 5, 16]. The most recent, conducted by En- a browser instance without requiring a stateful iden- glehardt et al. [5], observed that more than 5% of the tifier. This means that contrary to classical tracking Top 1000 Global Sites listed by Alexa were using canvas techniques—such as cookies—it does not store anything fingerprinting techniques. on the user device, making it both harder to detect and to protect against. When a user visits a website, the finger- printer provides a script that the browser executes, which 2.2 Browser Fingerprinting Countermea- automatically collects and reports a set of attributes re- sures lated to the browser and system configuration known as In response to the privacy issues triggered by browser fin- a browser fingerprint. Most of the attributes composing a gerprint tracking, several countermeasures have been de- fingerprint come from either JavaScript browser APIs— veloped. Among these, we distinguish 5 different strate- particularly the navigator object—or HTTP headers. gies of browser fingerprinting countermeasures: script When considered individually, these attributes do not re- blocking, attribute blocking, attribute switching with pre- veal a lot of information, but their combination has been existing values, attribute blurring with the introduction demonstrated as being mostly unique [3, 12]. of noise, and reconfiguration through virtualization. While script blocking extensions are not specifically Browser Fingerprints Uniqueness and Linkability. designed to counter browser fingerprinting,
Load more

Recommended publications
  • Private Browsing
    Away From Prying Eyes: Analyzing Usage and Understanding of Private Browsing Hana Habib, Jessica Colnago, Vidya Gopalakrishnan, Sarah Pearman, Jeremy Thomas, Alessandro Acquisti, Nicolas Christin, and Lorrie Faith Cranor, Carnegie Mellon University https://www.usenix.org/conference/soups2018/presentation/habib-prying This paper is included in the Proceedings of the Fourteenth Symposium on Usable Privacy and Security. August 12–14, 2018 • Baltimore, MD, USA ISBN 978-1-939133-10-6 Open access to the Proceedings of the Fourteenth Symposium on Usable Privacy and Security is sponsored by USENIX. Away From Prying Eyes: Analyzing Usage and Understanding of Private Browsing Hana Habib, Jessica Colnago, Vidya Gopalakrishnan, Sarah Pearman, Jeremy Thomas, Alessandro Acquisti, Nicolas Christin, Lorrie Faith Cranor Carnegie Mellon University {htq, jcolnago, vidyag, spearman, thomasjm, acquisti, nicolasc, lorrie}@andrew.cmu.edu ABSTRACT Prior user studies have examined different aspects of private Previous research has suggested that people use the private browsing, including contexts for using private browsing [4, browsing mode of their web browsers to conduct privacy- 10, 16, 28, 41], general misconceptions of how private brows- sensitive activities online, but have misconceptions about ing technically functions and the protections it offers [10,16], how it works and are likely to overestimate the protections and usability issues with private browsing interfaces [41,44]. it provides. To better understand how private browsing is A major limitation of much prior work is that it is based used and whether users are at risk, we analyzed browsing on self-reported survey data, which may not always be reli- data collected from over 450 participants of the Security able.
    [Show full text]
  • The Effi Barry Training Institute Application
    Notice of Funding Opportunity Government of the District of Columbia Department of Health HIV/AIDS, Hepatitis, STD, and TB Administration H A H S T A The Effi Barry Training Institute Application RFA Number: HAHSTA_EBTI_07.03.20 Application Deadline: Monday, August 3, 2020 at 6:00 PM Late applications cannot be accepted The Department of Health (DC Health) reserves the right to, without prior notice, reduce or cancel one or more programs listed in this Request for Applications (RFA), reject all applications, adjust total funds available, or cancel the RFA in part or whole. Funding levels in the respective program areas and budget amount in the award, if awarded, sub grant agreement is contingent on continued funding, sub grantee performance, and/or reduction, elimination, or reallocation funds by a federal grantor, the Executive Office of the Mayor (EOM) of the Government of the District of Columbia and/or the Department of Health in accordance with applicable sections within the sub grant award and/or agreement. Pre-application Conference: DATE: Wednesday, July 8, 2020 TIME: 2:30 PM – 4:00 PM VIRTUAL ZOOM CALL https://us02web.zoom.us/j/8178711891 Zoom/Conference Meeting ID: 817 8711 8910 (Call Access) - One tap mobile +13017158592-81787118910# Application Deadline: DATE: Monday, August 3, 2020 TIME: by 6:00 pm WHERE: Application submission must be done electronically through the Enterprise Grants Management System (See pages 7-9) Applications submitted after 6:00 PM cannot be accepted. You may download this application from: www.dchealth.dc.gov/ebtifunding http://opgs.dc.gov/page/opgs-district-grants- clearinghouse Effi Barry Training Institute Grant 2020 Table of Contents Notice of Funding Availability ........................................
    [Show full text]
  • GOOGLE LLC V. ORACLE AMERICA, INC
    (Slip Opinion) OCTOBER TERM, 2020 1 Syllabus NOTE: Where it is feasible, a syllabus (headnote) will be released, as is being done in connection with this case, at the time the opinion is issued. The syllabus constitutes no part of the opinion of the Court but has been prepared by the Reporter of Decisions for the convenience of the reader. See United States v. Detroit Timber & Lumber Co., 200 U. S. 321, 337. SUPREME COURT OF THE UNITED STATES Syllabus GOOGLE LLC v. ORACLE AMERICA, INC. CERTIORARI TO THE UNITED STATES COURT OF APPEALS FOR THE FEDERAL CIRCUIT No. 18–956. Argued October 7, 2020—Decided April 5, 2021 Oracle America, Inc., owns a copyright in Java SE, a computer platform that uses the popular Java computer programming language. In 2005, Google acquired Android and sought to build a new software platform for mobile devices. To allow the millions of programmers familiar with the Java programming language to work with its new Android plat- form, Google copied roughly 11,500 lines of code from the Java SE pro- gram. The copied lines are part of a tool called an Application Pro- gramming Interface (API). An API allows programmers to call upon prewritten computing tasks for use in their own programs. Over the course of protracted litigation, the lower courts have considered (1) whether Java SE’s owner could copyright the copied lines from the API, and (2) if so, whether Google’s copying constituted a permissible “fair use” of that material freeing Google from copyright liability. In the proceedings below, the Federal Circuit held that the copied lines are copyrightable.
    [Show full text]
  • Tracking Users Across the Web Via TLS Session Resumption
    Tracking Users across the Web via TLS Session Resumption Erik Sy Christian Burkert University of Hamburg University of Hamburg Hannes Federrath Mathias Fischer University of Hamburg University of Hamburg ABSTRACT modes, and browser extensions to restrict tracking practices such as User tracking on the Internet can come in various forms, e.g., via HTTP cookies. Browser fingerprinting got more difficult, as trackers cookies or by fingerprinting web browsers. A technique that got can hardly distinguish the fingerprints of mobile browsers. They are less attention so far is user tracking based on TLS and specifically often not as unique as their counterparts on desktop systems [4, 12]. based on the TLS session resumption mechanism. To the best of Tracking based on IP addresses is restricted because of NAT that our knowledge, we are the first that investigate the applicability of causes users to share public IP addresses and it cannot track devices TLS session resumption for user tracking. For that, we evaluated across different networks. As a result, trackers have an increased the configuration of 48 popular browsers and one million of the interest in additional methods for regaining the visibility on the most popular websites. Moreover, we present a so-called prolon- browsing habits of users. The result is a race of arms between gation attack, which allows extending the tracking period beyond trackers as well as privacy-aware users and browser vendors. the lifetime of the session resumption mechanism. To show that One novel tracking technique could be based on TLS session re- under the observed browser configurations tracking via TLS session sumption, which allows abbreviating TLS handshakes by leveraging resumptions is feasible, we also looked into DNS data to understand key material exchanged in an earlier TLS session.
    [Show full text]
  • Forensic Investigation of User's Web Activity on Google Chrome Using
    IJCSNS International Journal of Computer Science and Network Security, VOL.16 No.9, September 2016 123 Forensic Investigation of User’s Web Activity on Google Chrome using various Forensic Tools Narmeen Shafqat, NUST, Pakistan Summary acknowledged browsers like Internet Explorer, Google Cyber Crimes are increasing day by day, ranging from Chrome, Mozilla Firefox, Safari, Opera etc. but should confidentiality violation to identity theft and much more. The also have hands on experience of less popular web web activity of the suspect, whether carried out on computer or browsers like Erwise, Arena, Cello, Netscape, iCab, smart device, is hence of particular interest to the forensics Cyberdog etc. Not only this, the forensic experts should investigator. Browser forensics i.e forensics of suspect’s browser also know how to find artifacts of interest from older history, saved passwords, cache, recent tabs opened etc. , therefore supply ample amount of information to the forensic versions of well-known web browsers; Internet Explorer, experts in case of any illegal involvement of the culprit in any Chrome and Mozilla Firefox atleast, because he might activity done on web browsers. Owing to the growing popularity experience a case where the suspected person is using and widespread use of the Google Chrome web browser, this older versions of these browsers. paper will forensically analyse the said browser in windows 8 According to StatCounter Global market share for the web environment, using various forensics tools and techniques, with browsers (2015), Google Chrome, Mozilla Firefox and the aim to reconstruct the web browsing activities of the suspect. Microsoft’s Internet Explorer make up 90% of the browser The working of Google Chrome in regular mode, private usage.
    [Show full text]
  • Incognito (Private Browsing) for AHA Online Testing
    Incognito (private browsing) for AHA Online Testing Go Incognito on Google Chrome 1. Open Google Chrome and click the wrench icon in the top right corner. 2. Click ‘new incognito window’. 3. Alternatively, you can press Ctrl + Shift + N. *You can also open a link in a web page in Incognito Mode. 1. Right-click on the link you want to open in an Incognito window. 2. Click ’Open in new incognito window’ from the context menu. **You can tell if you’re browsing privately by looking for the logo of the person in disguise in the top-left corner of the window. He’s wearing sunglasses, a hat and a raincoat. Go Incognito on Mozilla Firefox 1. Open Firefox and click the hamburger Menu button – it looks like three parallel lines. 2. Click ‘New private window’. *You can also open a link in a web page in a private window. 1. Right-click on the link you want to open in a private window. 2. Click ’Open in New Private Window’ from the context menu. **You can tell if you’re browsing privately by looking for an icon of a purple mask in the top-right corner of the window. Go Incognito on Safari on the Mac 1. In Yosemite and later, open Safari and click on ‘File’. 2. Click ‘New Private Window’. 3. Alternatively, click Command + Shift + N. 4. In Mavericks 10.9 or older, open Safari and click Safari in the browser’s Menu bar and select ‘Private Browsing’. **Private browsing tabs in Safari are separated from non-private tabs.
    [Show full text]
  • An Analysis of Private Browsing Modes in Modern Browsers
    An Analysis of Private Browsing Modes in Modern Browsers Gaurav Aggarwal Elie Bursztein Collin Jackson Dan Boneh Stanford University CMU Stanford University Abstract Even within a single browser there are inconsistencies. We study the security and privacy of private browsing For example, in Firefox 3.6, cookies set in public mode modes recently added to all major browsers. We first pro- are not available to the web site while the browser is in pose a clean definition of the goals of private browsing private mode. However, passwords and SSL client cer- and survey its implementation in different browsers. We tificates stored in public mode are available while in pri- conduct a measurement study to determine how often it is vate mode. Since web sites can use the password man- used and on what categories of sites. Our results suggest ager as a crude cookie mechanism, the password policy that private browsing is used differently from how it is is inconsistent with the cookie policy. marketed. We then describe an automated technique for Browser plug-ins and extensions add considerable testing the security of private browsing modes and report complexity to private browsing. Even if a browser ad- on a few weaknesses found in the Firefox browser. Fi- equately implements private browsing, an extension can nally, we show that many popular browser extensions and completely undermine its privacy guarantees. In Sec- plugins undermine the security of private browsing. We tion 6.1 we show that many widely used extensions un- propose and experiment with a workable policy that lets dermine the goals of private browsing.
    [Show full text]
  • Features Guide [email protected] Table of Contents
    Features Guide [email protected] Table of Contents About Us .................................................................................. 3 Make Firefox Yours ............................................................... 4 Privacy and Security ...........................................................10 The Web is the Platform ...................................................11 Developer Tools ..................................................................13 2 About Us About Mozilla Mozilla is a global community with a mission to put the power of the Web in people’s hands. As a nonprofit organization, Mozilla has been a pioneer and advocate for the Web for more than 15 years and is focused on creating open standards that enable innovation and advance the Web as a platform for all. We are committed to delivering choice and control in products that people love and can take across multiple platforms and devices. For more information, visit www.mozilla.org. About Firefox Firefox is the trusted Web browser of choice for half a billion people around the world. At Mozilla, we design Firefox for how you use the Web. We make Firefox completely customizable so you can be in control of creating your best Web experience. Firefox has a streamlined and extremely intuitive design to let you focus on any content, app or website - a perfect balance of simplicity and power. Firefox makes it easy to use the Web the way you want and offers leading privacy and security features to help keep you safe and protect your privacy online. Mozilla continues to move the Web forward by pioneering new open source technologies such as asm.js, Emscripten and WebAPIs. Firefox also has a range of amazing built-in developer tools to provide a friction-free environment for building Web apps and Web content.
    [Show full text]
  • Online Tracking: a 1-Million-Site Measurement and Analysis
    Online Tracking: A 1-million-site Measurement and Analysis Steven Englehardt Arvind Narayanan Princeton University Princeton University This is an extended version of our paper that appeared at ACM CCS 2016. ABSTRACT to resort to a stripped-down browser [31] (a limitation we explore in detail in Section 3.3). (2) We provide compre­ We present the largest and most detailed measurement of hensive instrumentation by expanding on the rich browser online tracking conducted to date, based on a crawl of the extension instrumentation of FourthParty [33], without re­ top 1 million websites. We make 15 types of measurements quiring the researcher to write their own automation code. on each site, including stateful (cookie-based) and stateless (3) We reduce duplication of work by providing a modular (fingerprinting-based) tracking, the effect of browser privacy architecture to enable code re-use between studies. tools, and the exchange of tracking data between different Solving these problems is hard because the web is not de­ sites (“cookie syncing”). Our findings include multiple so­ 2 signed for automation or instrumentation. Selenium, the phisticated fingerprinting techniques never before measured main tool for automated browsing through a full-fledged in the wild. browser, is intended for developers to test their own web­ This measurement is made possible by our open-source 1 sites. As a result it performs poorly on websites not con­ web privacy measurement tool, OpenWPM , which uses an trolled by the user and breaks frequently if used for large- automated version of a full-fledged consumer browser. It scale measurements. Browsers themselves tend to suffer supports parallelism for speed and scale, automatic recovery memory leaks over long sessions.
    [Show full text]
  • Private Browsing
    MyChart Troubleshooting Guide Private Browsing Private Browsing helps prevent your browsing history, temporary Internet files, form data, cookies, and user names and passwords from being retained by the browser. This functionality is a good idea to use on a public/shared computer but it can also help isolate your browser and ensure that installed plugins or add-ons can’t interfere with the user’s browser session. Internet Explorer – Directions to turn on: InPrivate Browsing http://windows.microsoft.com/en-us/windows/inprivate-faq#1TC=windows-7 To turn on InPrivate Browsing, complete the following steps: Double click on the Internet Explorer icon to open a new browsing session. Click the Tools icon ; click Safety, then click InPrivate Browsing. Open a new Internet tab by clicking this icon . You should now see an InPrivate indicator next to the URL bar. Any website that you enter in the URL bar will be InPrivate mode. Mozilla Firefox – Directions to turn on: Private Browsing https://support.mozilla.org/en-US/kb/private-browsing-browse-web-without-saving-info To turn on Private Browsing, do any of the following: Double click on the Mozilla Firefox icon to open a new browsing session. Click the menu button and then click on New Private Window. Open a new Internet tab by clicking this icon . You should now see a Private Browsing indicator next to the URL bar. Any website that you enter in the URL bar will be in Private Browsing mode. Google Chrome – Directions to turn on: Incognito Mode https://support.google.com/chrome/answer/95464?hl=en To turn on incognito mode, do any of the following: Double click on the Google Chrome icon to open a new browsing session.
    [Show full text]
  • RFC 8828: Webrtc IP Address Handling Requirements
    Stream: Internet Engineering Task Force (IETF) RFC: 8828 Category: Standards Track Published: January 2021 ISSN: 2070-1721 Authors: J. Uberti G. Shieh Google RFC 8828 WebRTC IP Address Handling Requirements Abstract This document provides information and requirements for how IP addresses should be handled by Web Real-Time Communication (WebRTC) implementations. Status of This Memo This is an Internet Standards Track document. This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 7841. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at https://www.rfc-editor.org/info/rfc8828. Copyright Notice Copyright (c) 2021 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Uberti & Shieh Standards Track Page 1 RFC 8828 WebRTC IP Handling January 2021 Table of Contents 1.
    [Show full text]
  • Programming Mac OS X: a GUIDE for UNIX DEVELOPERS
    Programming Mac OS X: A GUIDE FOR UNIX DEVELOPERS KEVIN O’MALLEY MANNING Programming Mac OS X Programming Mac OS X A GUIDE FOR UNIX DEVELOPERS KEVIN O’MALLEY MANNING Greenwich (74° w. long.) For electronic information and ordering of this and other Manning books, go to www.manning.com. The publisher offers discounts on this book when ordered in quantity. For more information, please contact: Special Sales Department Manning Publications Co. 209 Bruce Park Avenue Fax: (203) 661-9018 Greenwich, CT 06830 email: [email protected] ©2003 by Manning Publications Co. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by means electronic, mechanical, photocopying, or otherwise, without prior written permission of the publisher. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in the book, and Manning Publications was aware of a trademark claim, the designations have been printed in initial caps or all caps. Recognizing the importance of preserving what has been written, it is Manning’s policy to have the books they publish printed on acid-free paper, and we exert our best efforts to that end. Manning Publications Co. Copyeditor: Tiffany Taylor 209 Bruce Park Avenue Typesetter: Denis Dalinnik Greenwich, CT 06830 Cover designer: Leslie Haimes ISBN 1-930110-85-5 Printed in the United States of America 12345678910–VHG–05 040302 brief contents PART 1OVERVIEW ............................................................................. 1 1 ■ Welcome to Mac OS X 3 2 ■ Navigating and using Mac OS X 27 PART 2TOOLS ..................................................................................
    [Show full text]