A recent KU Leuven and Princeton University study provides the first large-scale investigation of a previously undetected cookie-like tracking mechanism embedded in the "share" buttons of websites.
The researchers found 5.5 percent of the world's top 100,000 websites track users using the mechanism, called canvas fingerprinting, which uses special scripts to exploit the browser's canvas, a browser functionality that can be used to draw images and text. When a user visits a website with canvas fingerprinting software, a first script tells the user's browser to print an invisible string of text on the browser's canvas, while another script instructs the browser to read back data about the pixels in the rendered image; this grouping of data is highly unique for each user and it can be reliably associated to individual users.
As part of the study, the researchers used automated Web crawlers to scan the world's top 100,000 websites for canvas fingerprinting scripts. "We hope that our results will lead to better defenses, increased accountability for companies deploying sticky tracking techniques, and an invigorated and informed public and regulatory debate on increasingly resilient tracking techniques," says KU Leuven's Gunes Acar, the study's lead researcher.
From KU Leuven
View Full Article
Abstracts Copyright © 2014 Information Inc., Bethesda, Maryland, USA
No entries found