1 / 15

Using browser properties for fingerprinting

Using browser properties for fingerprinting. Ralph broenink. User tracking. Alert Drunk terrorist going to put a bomb in a teddy bear. ‘traditional’ cookies. Flash Local Shared Objects. HTTP Cookies. HTML5 Local Storage. ‘Traditional’ cookies. 3u938s24. 3u938s24.

tait
Download Presentation

Using browser properties for fingerprinting

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Using browser propertiesforfingerprinting Ralph broenink

  2. User tracking Alert Drunk terrorist goingto put a bomb in a teddy bear

  3. ‘traditional’ cookies Flash Local Shared Objects HTTP Cookies HTML5 Local Storage

  4. ‘Traditional’ cookies 3u938s24 3u938s24 3u938s24 3u938s24

  5. “Anyonewho[…] wants to save data in the peripherals of the user, is requiredto […] have obtainedpermissionfrom the user.” – article 11.7a, Telecommunicatiewet (translated) Isn’tthere a new lawagainstit?

  6. Yeah, but ... Host: www.letmetrackyou.org Connection: keep-alive Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.18 (KHTML, like Gecko) Chrome/18.0.1010.1 Safari/535.18 Accept: text/html,application/xhtml+xml, application/xml;q=0.9,*/*;q=0.8 Accept-Encoding:gzip,deflate,sdchAccept-Language:en-GB,en;q=0.8, en-US;q=0.6,nl;q=0.4Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3  name version language character set screen resolution operating system timezone font list + order HTTP HEADERS JAVASCRIPT

  7. identical (consistent)? unique? Character set: UTF-8 Resolution: 1280x768 Language: Dutch OS: Windows 7 64-bit Plugins: Flash 10.1, … Fonts: Arial, …

  8. Are fingerprintsunique?

  9. Are fingerprintsunique? >8.47 bits of entropy (of 8.95 possible)

  10. Are fingerprints consistent? Arial Black Calibri Candara Comic Sans MS Consolas Constantia Browser version: 4.0.1 5.0.0 5.0.1 4.0.0 5.0.2 4.1.0 4.0.2 6.0.0 Segoe UI Corbel Franklin Gothic Medium Gabriola Georgia Palatino Linotype Segoe Print Trebuchet MS

  11. Are fingerprints consistent? They are fairly consistent.

  12. Mobile devices X-VF-ACR X-Brand-ID

  13. Whatcanyou do? private browsing mode Tor Browser

  14. Anonymousbrowsing does notexist Ralph broenink

  15. More thanjustfingerprints

More Related