That's it Canvas fingerprinting is here…. Traditional ways to monitor internet users from the websites they visit have received many attacks in recent years. Cookies and other small data files stored in user systems have been stopped by several companies.
This is why many have invested resources to find other means of monitoring users on the Internet. Getting fingerprints through the browser is popular, but it's not that trusted. This is due to several factors.
The page EFF Panopticlick 2 (a more powerful update) performs fingerprint tests that reveal how unique your browser is.
Do you leave unique footprints on the web?
Any change is made to the program browsing or system such as an upgrade to a new version, a new computer monitor, or a new version of a plugin you are using can change your browser's unique fingerprint.
But fingerprinting based on the data available from browsers is not the only option for taking fingerprints.
HTML5 Canvas Fingerprinting
Fingerprint technology came about two years ago. It uses the HTML5 Canvas component that can be used for graphic design.
The problem with this in terms of protectionς της ιδιωτικής ζωής είναι ότι τα Results είναι διαφορετικά με βάση μια σειρά factors, such as the web browser used, as well as the specific settings of your operating system.
Canvas can be used to draw an image in your browser. The image will be different from another designed in another system, or even in the same system but with a different browser. As there is a difference, Canvas can be used to identify users online.
The site Browserleaks has created a fingerprint or fingerprinting demonstration that you can run on your browser, provided it supports HTML5 Canvas and that JavaScript it is activated.
Which companies do they use?
An article of her Pro publica lists three companies using Canvas fingerprinting: AddThis, known for social sharing plugins, a Ligatures German digital market site, and the popular dating site Plenty Of Fish.
Of course it is very likely that other companies are using it.
Block and reveal fingerprints
There are several options to prevent Canvas fingerprinting, but most are not simple.
- The anonymous TOR browser displays a line every time a site attempts to use HTML5 Canvas to capture your fingerprints. If you are using the browser, you are safe from this particular method. You can see above here.
- The Chameleon for Chrome is an experimental browser extension that tells you if a site uses Canvas fingerprinting. It will not prevent it simply informing you. It's not so easy to set up, since it's not available in Chrome Web Store at the time of writing this article.
- Another solution is to block scripts on webpages that you do not trust using it NoScript or some similar browser extension (or simply disable JavaScript). The issue presented with this approach is that you may need JavaScript to run a site you trust. In addition, completely harmless scripts like AddThis can be used comfortably for fingerprinting.
Sources and further reading
- Canvas Fingerprinting Sites - Lists of sites classified by Alexa using fingerprinting scripts.
- Cross-browser fingerprinting test 2.0 - Another test for fingerprinting
- Fingerprinting Guidance - Different types of fingerprinting.
- Mozilla Wiki entry on Fingerprinting
- Pixel Perfect: Fingerprinting Canvas in HTML - Study from 2012 that first reported the method
- The Web never forgets: Persistent tracking mechanisms in the wild - Research paper from Princeton and KU Leuven, Belgium that analyzes different fingerprinting methods, such as canvas, evercookies and cookie syncing.