Meet the Online Tracking Device That is Virtually Impossible to Block

Discussion in 'privacy problems' started by ronjor, Jul 21, 2014.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,798
    Location:
    Texas
    http://www.networkworld.com/article...ce-that-is-virtually-impossible-to-block.html
     
    Last edited: Jul 22, 2014
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    Using different VMs via different VPNs and/or Tor should do it ;)
     
  3. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    Ah! Ok, that explains a lot then. I've been noticing a few of those notifications.
     
  4. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,599
    Yep, TOR submits a blank canvas on your behalf unless you manually override it.
     
  5. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,301
    Location:
    Oz
    That's interesting. But if a person is using Sandboxie and wipes the remenants with each session, how can they gather this information?
     
  6. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Server-side storage of each session.
     
  7. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,301
    Location:
    Oz
    Who's server? The tracker server? If so then how do they identify you the next time you visit, if it relies on the webpages, ads and that sort of thing? None of that would persist.
     
  8. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    So any methods to block it outside of using Tor? Would Noscript block it?
     
  9. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    Yes. The original article lists some other methods.
     
  10. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    IP Address, MAC address, user agent, etc.
     
  11. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    689
    That list is heavily populated with uɹ0d sites.

    How would this actually be deployed?
     
  12. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    Oh, it's on the side. It took me like 3 re-reads till I spotted it.

    Anyway, for anyone else curious:

    Also Privacy Badger looks like one day it'll also have a feature to block it (or it, along with a bunch of other methods:
    https://www.eff.org/privacybadger#does_it_prevent_fingerprinting
     
  13. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    If it's HTML, it can be blocked, filtered, or altered. Proxomitron would be capable of dealing with it once a specific filter is written.
     
  14. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,856
    Yet again complete nonsense hype about "virtually impossible to block".

    Block "AddThis" in ABP and tada. Damn that was hard... Install the anti-social list when prompted to in ABP and it's already done for you.

    I guess that wouldn't attract as many clicks.

    EDIT: Article has been removed or the link is wrong. Here is a working link: http://www.theverge.com/2014/7/21/5...new-way-to-track-your-movement-across-the-web

    Also...

    Panic over.
     
  15. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,798
    Location:
    Texas
  16. TS4H

    TS4H Registered Member

    Joined:
    Nov 5, 2013
    Posts:
    512
    Location:
    Australia
    Just read this article on ghacks and I thought id share. Has anyone here on Wilders ever used such an extension or has some knowledge about these form of techniques?? Opinions?

    "Browser fingerprinting refers to methods to profile a browser based on information transferred automatically when connections are made to websites or services, or generated with the help of scripts and technologies.

    It is unclear how widely browser fingerprinting is being used on the Internet but it is clear that it is used by some companies to track users online."


    Source;

    http://www.ghacks.net/2014/07/22/chameleon-highlights-protects-browser-fingerprinting-chrome/

    Canvas Fingerprinting

    "Traditional ways of tracking users have come under fire in recent years. Cookies and other small snippets of data that get saved on user systems may not be available forever to many companies.

    That's why many have invested resources in finding other means to track users on the Internet. Fingerprinting is popular but not that reliable due to several factors"

    Source;

    http://www.ghacks.net/2014/07/21/companies-use-canvas-fingerprinting-track-online/
     
  17. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,088
  18. TS4H

    TS4H Registered Member

    Joined:
    Nov 5, 2013
    Posts:
    512
    Location:
    Australia
    Ah right thanks for pointing me to that thread. Must of missed it.

    Definitely very interesting, worth keeping an eye on it to see how it develops in the future both from an advertising and privacy point of view.

    regards.
     
  19. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,088
    http://www.welivesecurity.com/2014/07/22/online-privacy/
     
  20. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    Note: the referenced academic paper covers more than just canvas fingerprinting.
     
  21. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,088
    http://threatpost.com/thousands-of-...practically-unblockable-fingerprint-mechanism
     
  22. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,301
    Location:
    Oz
    Of course the same IP could be used. But I don't think websites can see your mac address.
     
  23. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    https://www.eff.org/deeplinks/2014/...que-non-cookie-tracker-despite-privacy-policy

    So it looks like Privacy Badger would help then.
     
  24. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,088
    They don't have to get your MAC address. They have enough of other data.
    As an example you can test your browser fingerprint here: https://panopticlick.eff.org/ You will see how unique your browser is. My is one in two millions, so when I visit a site with not many daily visitors they can almost 100% identify me just by collecting this data.
     
  25. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,046
    Location:
    The Netherlands
    I don´t get it, so if you block this with a script-blocker then this "attack" is stopped? :)
     
Loading...
Thread Status:
Not open for further replies.