[Infowarrior] - Paper - FPDetective: Dusting the Web for Fingerprinters
Richard Forno
rforno at infowarrior.org
Sun Oct 13 19:18:02 CDT 2013
FPDetective: Dusting the Web for Fingerprinters
KU Leuven, Dept. of Electrical Engineering (ESAT), COSIC, iMinds, Leuven, Belgium
{gunes.acar,marc.juarez,claudia.diaz,seda.guerses,bart.preneel}@esat.kuleuven.be
IIIA-CSIC, Bellaterra, Spain
mjuarez at iiia.csic.es
KU Leuven, Dept. of Computer Science, iMinds-DistriNet, Leuven, Belgium
{nick.nikiforakis,frank.piessens}@cs.kuleuven.be
New York University, Dept. of Media, Culture, and Communication, NY, USA
ABSTRACT
In the modern web, the browser has emerged as the vehicle of
choice, which users are to trust, customize, and use, to access
a wealth of information and online services. However, recent
studies show that the browser can also be used to invisibly
ngerprint the user: a practice that may have serious privacy
and security implications.
In this paper, we report on the design, implementation
and deployment of FPDetective, a framework for the de-
tection and analysis of web-based ngerprinters. Instead of
relying on information about known ngerprinters or third-
party-tracking blacklists, FPDetective focuses on the detec-
tion of the ngerprinting itself. By applying our framework
with a focus on font detection practices, we were able to
conduct a large scale analysis of the million most popular
websites of the Internet, and discovered that the adoption
of ngerprinting is much higher than previous studies had
estimated. Moreover, we analyze two countermeasures that
have been proposed to defend against ngerprinting and nd
weaknesses in them that might be exploited to bypass their
protection. Finally, based on our ndings, we discuss the
current understanding of ngerprinting and how it is re-
lated to Personally Identiable Information, showing that
there needs to be a change in the way users, companies and
legislators engage with fingerprinti.....
http://www.cosic.esat.kuleuven.be/publications/article-2334.pdf
---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.
More information about the Infowarrior
mailing list