- From: Bjoern Hoehrmann <derhoermi@gmx.net>
- Date: Mon, 14 Oct 2013 12:08:08 +0200
- To: Christine Runnegar <runnegar@isoc.org>
- Cc: "public-privacy (W3C mailing list)" <public-privacy@w3.org>
* Christine Runnegar wrote: >http://www.kuleuven.be/english/news/several-top-websites-use-device-fingerprinting-to-secretly-track-users >To detect websites using device fingerprinting technologies, the >researchers developed a tool called FPDetective. The tool crawls and >analyses websites for suspicious scripts. This tool will be freely >available at http://homes.esat.kuleuven.be/~gacar/fpdetective/ for other >researchers to use and build upon. I take it they customised open source web browsers so they report when web sites attempt to probe which fonts are installed on a client system and perhaps a few other properties and they are "in the process of preparing the FPDetective framework for public release." That's funny, some years ago I did something quite similar (though more ambitiously I wanted to simply trace all function calls and property accesses, it is actually quite odd that typical frameworks do not already ship with the capability) but I also did not develop into something I could bring my- self to release to the general public... It will be interesting to see how much of a hack their code is, or if it can easily be adapted to solve the more general problem of tracing everything (in which case new forms of malicious behavior could easily be identified through `grep` and Excel). -- Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de 25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/
Received on Monday, 14 October 2013 10:08:32 UTC