That's it Canvas fingerprinting is here…. Traditional ways to monitor internet users from the websites they visit have received many attacks in recent years. Cookies and other small data files stored in user systems have been stopped by several companies.
This is why many have invested resources in finding other means of tracking Internet users. THE λήψη "fingerprints" through it browser is popular, but not so reliable. This is due to several factors.
The page Panopticlick on EFF performs fingerprint tests that reveal how unique your browser is. Are you leaving a unique mark on the internet? Any change is made to Browser or your system, such as an upgrade to a new version, a new computer monitor, or a new version of a plugin you use can change your browser's unique fingerprint.
But fingerprinting based on the data available from browsers is not the only option for taking fingerprints.
HTML5 Canvas Fingerprinting
Fingerprint technology came about two years ago. It uses the HTML5 Canvas component that can be used for graphic design.
The problem with this in terms of privacy is that the results are different based on a number of factors, such as the web browser used, as well as the specific settings of your operating system.
Canvas can be used to draw an image in your browser. The image will be different from another designed in another system, or even in the same system but with a different browser. As there is a difference, Canvas can be used to identify users online.
Η by clicking here Browserleaks has created a fingerprint or fingerprinting demonstration you can run on your browser, provided it supports HTML5 Canvas and that JavaScript is enabled.
Which companies do they use?
An article of her Pro publica lists three companies using Canvas fingerprinting: AddThis, known for social sharing plugins, a Ligatures German digital market site, and the popular dating site Plenty Of Fish.
Of course it is very likely that other companies are using it.
Block and reveal fingerprints
There are several options to prevent Canvas fingerprinting, but most are not simple.
- The anonymous TOR browser displays a line every time a site attempts to use HTML5 Canvas to capture your fingerprints. If you are using the browser, you are safe from this particular method. You can see above here.
- The Chameleon for Chrome is an experimental browser extension that tells you if a site uses Canvas fingerprinting. It will not prevent it simply informing you. It's not so easy to set up, since it's not available in the Chrome Web Store at the time of writing this article.
- Another solution is to block scripts on webpages that you do not trust using it NoScript or some similar browser extension (or simply disable JavaScript). The issue presented with this approach is that you may need JavaScript to run a site you trust. In addition, completely harmless scripts like AddThis can be used comfortably for fingerprinting.
Sources and further reading
- Canvas Fingerprinting Sites - Lists of sites classified by Alexa using fingerprinting scripts.
- Cross-browser fingerprinting test 2.0 - Another test for fingerprinting
- Fingerprinting Guidance - Different types of fingerprinting.
- Mozilla Wiki entry on Fingerprinting
- Pixel Perfect: Fingerprinting Canvas in HTML - Study from 2012 that first reported the method
- The Web never forgets: Persistent tracking mechanisms in the wild - Research paper from Princeton and KU Leuven, Belgium that analyzes different fingerprinting methods, such as canvas, evercookies and cookie syncing.
