Date:17/01/17
Named "cross-browser fingerprinting" (CBF), this practice relies on new technologies added to web browsers in recent years, some of which had been previously considered unreliable for cross-browser tracking and only used for single browser fingerprinting.
These new techniques rely on making browsers carry out operations that use the underlying hardware components to process the desired data.
Researchers measured the response to these operations and used this information to identify the different hardware rigs, specific to distinct users, regardless of the browser accessing a test website.
For example, making a browser apply an image to the side of a 3D cube in WebGL provides a similar response in hardware parameters for all browsers. This is because the GPU card is the one carrying out this operation and not the browser software.
Researchers used all these techniques together to test how many users they would be able to pin to the same computer. For tests, researchers used browsers such as Chrome, Firefox, Edge, IE, Opera, Safari, Maxthon, UC Browser, and Coconut.
Results showed that CBF techniques were able to correctly identify 99.24% of all test users. Previous research methods achieved only a 90.84% result.
"Our fingerprintable features are highly reliable," researchers said, "the removal of one single feature has little impact on the fingerprinting results."
The research team recommends users to use the Tor Browser if they want to avoid cross-browser fingerprinting.
"Tor Browser normalizes many browser outputs to mitigate existing browser fingerprinting," researchers said, albeit the browser is not perfect, still allowing some fingerprinting via screen width and AudioContext parameters. "We believe that it is easy for Tor Browser to normalize these remaining outputs," researchers added.
For other browsers, researchers recommend that they implement virtualization layers in order to process the hardware-level operations on a generic virtual platform (machine), the same for a large number of users.
The research paper titled (Cross-)Browser Fingerprinting via OS and Hardware Level Features will be presented at the Network & Distributed System Security Symposium in February 2017.
New Fingerprinting Techniques Identify Users Across Different Browsers on the Same PC
A team of researchers from universities across the US has identified different fingerprinting techniques that can track users when they use different browsers installed on the same machine.Named "cross-browser fingerprinting" (CBF), this practice relies on new technologies added to web browsers in recent years, some of which had been previously considered unreliable for cross-browser tracking and only used for single browser fingerprinting.
These new techniques rely on making browsers carry out operations that use the underlying hardware components to process the desired data.
Researchers measured the response to these operations and used this information to identify the different hardware rigs, specific to distinct users, regardless of the browser accessing a test website.
For example, making a browser apply an image to the side of a 3D cube in WebGL provides a similar response in hardware parameters for all browsers. This is because the GPU card is the one carrying out this operation and not the browser software.
Researchers used all these techniques together to test how many users they would be able to pin to the same computer. For tests, researchers used browsers such as Chrome, Firefox, Edge, IE, Opera, Safari, Maxthon, UC Browser, and Coconut.
Results showed that CBF techniques were able to correctly identify 99.24% of all test users. Previous research methods achieved only a 90.84% result.
"Our fingerprintable features are highly reliable," researchers said, "the removal of one single feature has little impact on the fingerprinting results."
The research team recommends users to use the Tor Browser if they want to avoid cross-browser fingerprinting.
"Tor Browser normalizes many browser outputs to mitigate existing browser fingerprinting," researchers said, albeit the browser is not perfect, still allowing some fingerprinting via screen width and AudioContext parameters. "We believe that it is easy for Tor Browser to normalize these remaining outputs," researchers added.
For other browsers, researchers recommend that they implement virtualization layers in order to process the hardware-level operations on a generic virtual platform (machine), the same for a large number of users.
The research paper titled (Cross-)Browser Fingerprinting via OS and Hardware Level Features will be presented at the Network & Distributed System Security Symposium in February 2017.
Views: 409
©ictnews.az. All rights reserved.Similar news
- Azerbaijani project to monitor disease via mobile phones
- Innovative educational system to be improved under presidential decree
- NTRC prolongs license of two TV and radio organizations for 6 years
- Azerbaijan establishes e-registry for medicines
- Azerbaijani museum introduces e-guide
- Nar Mobile opens “Nar Dunyasi” sales and service center in Siyazan city
- International conference on custom electronic services held in Baku
- OIC secretary general to attend COMSTECH meeting in Baku
- Azerbaijan develops earthquake warning system
- New law to regulate transition to digital broadcasting in Azerbaijan
- Azerbaijani State Social Protection Fund introduces electronic digital signature
- Intellectual traffic management system in Baku to be commissioned in December
- Tax Ministry of Azerbaijan started receiving video-addresses
- World Bank recommends Azerbaijan to speed up e-service introduction in real estate
- Azerbaijan to shift to electronic registration of real estate