Re: Detecting browser fingerprinting

* Christine Runnegar wrote:
>http://www.kuleuven.be/english/news/several-top-websites-use-device-fingerprinting-to-secretly-track-users

>To detect websites using device fingerprinting technologies, the 
>researchers developed a tool called FPDetective. The tool crawls and 
>analyses websites for suspicious scripts. This tool will be freely 
>available at http://homes.esat.kuleuven.be/~gacar/fpdetective/ for other 
>researchers to use and build upon.

I take it they customised open source web browsers so they report when
web sites attempt to probe which fonts are installed on a client system
and perhaps a few other properties and they are "in the process of
preparing the FPDetective framework for public release." That's funny,
some years ago I did something quite similar (though more ambitiously I
wanted to simply trace all function calls and property accesses, it is
actually quite odd that typical frameworks do not already ship with the
capability) but I also did not develop into something I could bring my-
self to release to the general public... It will be interesting to see
how much of a hack their code is, or if it can easily be adapted to
solve the more general problem of tracing everything (in which case new
forms of malicious behavior could easily be identified through `grep`
and Excel).
-- 
Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de
Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de
25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/ 

Received on Monday, 14 October 2013 10:08:32 UTC