1 / 61

How to Detect a Client’s Browser Senior Seminar CS498

How to Detect a Client’s Browser Senior Seminar CS498. Conrad Kennington. Kount. Stops e-commerce fraud Passively identifies devices. Your device automatically sends information about itself. Why?. = mobile site. = mobile site. = desktop site. = mobile site. en-US.

talli
Download Presentation

How to Detect a Client’s Browser Senior Seminar CS498

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. How to Detect a Client’s BrowserSenior Seminar CS498

  2. Conrad Kennington

  3. Kount

  4. Stops e-commerce fraudPassively identifies devices

  5. Your device automatically sends information about itself

  6. Why?

  7. = mobile site

  8. = mobile site = desktop site

  9. = mobile site en-US = desktop site

  10. = mobile site en-US = English site = desktop site

  11. = mobile site en-US = English site ja-JA = desktop site

  12. = mobile site en-US = English site ja-JA = Japanese site = desktop site

  13. =

  14. What information?

  15. What they knowDevice location (~30 miles)Business typeIf you’re a return visitorWhen you last visited If they care:Browser versionBrowser plugins installedPlugins can gather additional system informationOperating system versionLocal timezoneLanguage settingsLimited device specsResolutionScreen sizeColor depth

  16. What they knowDevice location (~30 miles)Business typeIf you’re a return visitorWhen you last visited If they care:Browser versionBrowser plugins installedPlugins can gather additional system informationOperating system versionLocal timezoneLanguage settingsLimited device specsResolutionScreen sizeColor depth • What they don’t know • Name • Age • Gender • Weight • Address • Profession • Phone • Credit card number • Major • Salary • Social Security Number • Medical history • Facebook relationship status • Mother’s maiden name • Licensed watercraft • Outstanding parking tickets • Favorite ice-cream • Overdue library books • Credit score

  17. Grades • Favorite bands • High school sweethearts • Eye color • Nicknames • Netflix recently watched • Email addresses • Tax returns • Candy Crush score • Batting average • Attendance records • Instant messages • Pirated music/movies • Magazine subscriptions • Purchase history • World of Warcraft achievements • Books read • Adderall dosage • MySpace Top 10 • Travel schedule • Birthday • Voting records • Smart phone contact list • Student loan balance

  18. Tattoos • Fingerprints • Drivers license number • License plate • Dental records • Guns owned • Magic the Gathering decks • Costco membership status • Unredeemed rewards points • Average commute time • Hobbies • Mile run • Favorite restaurants • Merit badges • Religion • Pets • Mood • Amazon wish list • Marital status • 401k balance • Therapist • Phone logs • YouTube comments • Number of children

  19. Pretty much nothing about your person

  20. Location

  21. 71.33.*.*

  22. 71.33.*.* This means Boise, Idaho

  23. 71.33.*.* This means Boise, Idaho For now.

  24. 82.148.97.69

  25. 82.148.97.69 This means Qatar

  26. 82.148.97.69 This means Qatar The whole country.

  27. Mask my IP, mask my location?

  28. Mask my IP, mask my location? Not exactly.

  29. Mask my IP, mask my location? Not exactly. Timezone, language, etc

  30. Browser

  31. HTTP Request Headers Request method GET Request URI / Request protocol HTTP/1.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept charset Accept encoding gzip,deflate,sdch Accept language en-US,en;q=0.8 Connection keep-alive Host myhttp.info Referer https://www.google.com/ User agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1801.3 Safari/537.36

  32. Parsing a user agentstring sucks

  33. Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1667.0 Safari/537.36 Mozilla/5.0 (Windows NT 6.1; rv:6.0) Gecko/20100101 Firefox/19.0 Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:15.0) Gecko/20100101 Firefox/15.0.1 Googlebot/2.1 (+http://www.google.com/bot.html) Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; Media Center PC 6.0) Mozilla/4.0 (compatible; MSIE 6.1; Windows XP) None of your business. Mozilla/5.0 (Windows; U; MSIE 7.0; Windows NT 5.2) Opera/9.80 (Windows NT 6.0) Presto/2.12.388 Version/12.14 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_3) AppleWebKit/534.55.3 (KHTML, like Gecko) Version/5.1.3 Safari/534.53.10 Opera/9.80 (Android; Opera Mini/7.5.33361/31.1350; U; en) Presto/2.8.119 Version/11.10 ‘; DELETE FROM user_agents; Mozilla/5.0 (PLAYSTATION 3; 2.00) Mozilla/5.0 (BlackBerry; U; BlackBerry 9900; en) AppleWebKit/534.11+ (KHTML, like Gecko) Version/7.1.0.346 Mobile Safari/534.11+ Mozilla/5.0 (Linux armv6l; Maemo; Opera Mobi/8; U; en-GB; rv:1.9.1.6) Gecko/20091201 Firefox/3.5.6 Opera 11.00 Mozilla/5.0 (X11; U; Linux i686; ru; rv:33.2.3.12) Gecko/20120201 SeaMonkey/8.2.8 Mozilla/5.0 (X11; U; OpenBSD arm; en-us) AppleWebKit/531.2+ (KHTML, like Gecko) Safari/531.2+ Epiphany/2.30.0 Mozilla/5.0 (compatible; Konqueror/4.3; Linux) KHTML/4.3.1 (like Gecko) Fedora/4.3.1-3.fc11 Mozilla/5.0 (Windows; U; MSIE 9.0; WIndows NT 9.0; en-US)) Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US) Mozilla/5.0 ( ; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Mozilla/5.0 (Windows; U; Windows NT 6.1) AppleWebKit/526.3 (KHTML, like Gecko) Chrome/14.0.564.21 Safari/526.3

  34. HTTP Header Order Chrome 34 on a Macbook Host: pgl.yoyo.org Connection: keep-alive Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1801.3 Safari/537.36 Referer: https://www.google.com/ Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Firefox 5 on a Macbook Host: pgl.yoyo.org User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:19.0) Gecko/20100101 Firefox/19.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Safari 7 on a Macbook Host: pgl.yoyo.org Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us Connection: keep-alive Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_1) AppleWebKit/537.73.11 (KHTML, like Gecko) Version/7.0.1 Safari/537.73.11

  35. JavaScript

  36. Good at detecting browser features and capabilities.

  37. Good at detecting browser features and capabilities. • Support multiple backgrounds?

  38. Good at detecting browser features and capabilities. • Support multiple backgrounds? • HTML5 canvas?

  39. Good at detecting browser features and capabilities. • Support multiple backgrounds? • HTML5 canvas? • Border radius?

  40. Good at detecting browser features and capabilities. • Support multiple backgrounds? • HTML5 canvas? • Border radius? • Box shadow?

  41. Good at detecting browser features and capabilities. • Support multiple backgrounds? • HTML5 canvas? • Border radius? • Box shadow? • Available events?

  42. Good at detecting browser features and capabilities. • Support multiple backgrounds? • HTML5 canvas? • Border radius? • Box shadow? • Available events? • CSS properties recognized?

More Related