Browser fingerprints - the invisible cookies you can't delete

  • 1 December 2014
  • 0 replies
  • 2 views

Userlevel 7
Badge +54
An excellent article and well worth a read. This was a surprise though "users had a 1 in 286,777 chance of sharing their fingerprint with somebody else."
 
by Mark Stockley on December 1, 2014
 
 


 
Dear reader, it seems that you are causing headaches in dark corners of the web.
I pinpoint you specifically, as a reader of Naked Security, because I assume that if you're a regular to this site then you're more likely than most to care about who's watching you online.
For the people trying to track you, profile you and sell to you, you're a problem.
Historically, techniques for tracking people's movements around the web have relied on HTTP cookies - small messages that 'tag' your browser so it can be uniquely identified.
Unfortunately for snoopers, profilers and marketers, cookie-based tracking leaves the final decision about whether you're followed or not in your hands because you can delete their cookies and disappear.
It's no secret that some vendors have moved on from cookies - local storage, Flash cookies and ETags have all been used in-the-wild, either as cookie replacements or as backups from which cookies can be 'respawned'.
These techniques have been successful because they're obscure but they all have the same fundamental weakness as cookies - they rely on things that you can delete.
The holy grail for tracking is to find a unique ID that you can't delete, something that identifies you uniquely based on who or what you are, not what you have.
 
Full Article

0 replies

Be the first to reply!

Reply