We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

The Elephant In The Background: Empowering Users Against Browser Fingerprinting

Formal Metadata

Title
The Elephant In The Background: Empowering Users Against Browser Fingerprinting
Title of Series
Number of Parts
275
Author
Contributors
License
CC Attribution 4.0 International:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
This talk will be about FPMON, a browser extension that shows you where, when and which browser fingerprinting method is applied against you. You can use it to test your favorite websites and check your own services for 3rd-party fingerprinting scripts. It can also be used to test various browser privacy tools. Tracking users is a ubiquitous practice in the web today. User activity is recorded on a large scale and analyzed by various actors to create personalized products, forecast future behavior, and prevent online fraud. While so far HTTP cookies have been the weapon of choice, new and more pervasive techniques such as browser fingerprinting are gaining traction. Hence, in this talk, we describe how users can be empowered against fingerprinting by showing them when, how, and who is tracking them using JavaScript fingerprinting. To this end, we conduct a systematic analysis of various fingerprinting tools. Based on this analysis, we design and develop FPMON: a light-weight and comprehensive fingerprinting monitor that measures and rates JavaScript fingerprinting activity on any given website in real-time. Using FPMON, we evaluate the 10k most popular websites to i) study the pervasiveness of JavaScript fingerprinting; ii) review the latest fingerprinting countermeasures; and iii) identify the major networks that foster the use of fingerprinting. Our evaluations reveal that i) fingerprinters are present on many popular websites with sensitive contents (finance, news, NGOs, health, etc.); ii) they run without user consent and subvert current privacy regulations; and iii) most countermeasures can not sufficiently protect users.
Keywords