testing the unicity of your browser fingerprints

the real-world practice of “device fingerprinting”: a process that collects the screen size, list of available fonts, software versions, and other properties of the visitor’s computer or smartphone to create a profile that is often unique to that machine.

Some websites deployed code based on Adobe’s Flash Player that fingerprinted users surreptitiously. Others used JavaScript-based fingerprinting

Device fingerprinting serves many legitimate purposes, including mitigating the impact of denial-of-service attacks, preventing fraud, protecting against account hijacking, and curbing content scraping, bots, and other automated nuisances.

But fingerprinting also has a darker side.
For one, few websites that include fingerprinting code in their pages disclose the practice in their terms of service.
For another, marketing companies advertise their ability to use fingerprinting to identify user behavior across websites and devices. That suggests device fingerprinting may be used much the way tracking cookies are used to follow people as they browse from site to site, even though fingerprinting isn’t covered by most laws governing cookies and websites’ Do Not Track policies

most end users have no idea that their computers are being fingerprinted, and they have few recourses to prevent the practice

fingerprinting works just as well in the ‘private-mode’ of modern browsers

device fingerprinting may have given the National Security Agency and its counterparts around the world an avenue to identify people using the Tor privacy service

users who want to prevent their systems from being fingerprinted have few options other than to run Tor.

Disabling JavaScript and Flash in the browser reduces some of the information websites can collect, but it does nothing to stop font probing, including the attack on older versions of the Tor Browser

how to test the anonymity of your browser (by the Electronic Frontier Foundation): https://panopticlick.eff.org/

source: http://arstechnica.com/security/2013/10/top-sites-and-maybe-the-nsa-track-users-with-device-fingerprinting/

Advertisements
Explore posts in the same categories: techs

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: