Submitted via IRC for TheMightyBuzzard
Researchers devised a browser fingerprinting technique that allows interested parties to "identify" users across different browsers on the same machine.
The group – Yinzhi Cao and Song Li from Lehigh University, and Erik Wijmans from Washington University in St. Louis – found that many novel OS and hardware level features, such as those from graphic cards, CPU, and installed writing scripts, can be used to accurately "fingerprint" users.
"Our evaluation shows that our approach can successfully identify 99.24% of users as opposed to 90.84% for state of the art on single-browser fingerprinting against the same dataset," they noted. They have proposed and successfully tested a number of cross-browser fingerprintable features, including screen resolution, the number of CPU virtual cores, list of fonts, installed writing scripts, and more.
They extract those features by asking browsers to perform tasks that rely on corresponding OS and hardware functionalities. They found these fingerprintable features to be highly reliable – the removal of a single feature has little impact on the fingerprinting results. Also, that software rendering can be definitely used for fingerprinting.
Currently, the only way to prevent the collection of most of these features is to use the Tor Browser.
Source: https://www.helpnetsecurity.com/2017/01/17/cross-browser-fingerprinting/
(Score: 1) by Ethanol-fueled on Saturday January 21 2017, @03:31AM
Agreed.
Somewhat on-topic, when I was a poorfag and "borrowing" my neighbors' unsecured wireless connections, I'd use macchanger -r on Linux. Writing a plugin or even an application shouldn't be beyond the reach of a serious nerd or two. Hopefully it could randomize things such that they were not only convincing but randomized sufficiently enough to prevent security researchers' statistical black-box attacks against its footprint.