Communications of the ACM
Researchers Reveal New Online ser Tracking Techniques
Researchers at KU Leuven in Belgium, have identified a number of online user tracking techniques that cannot be blocked by browsers' built-in anti-tracking defenses or existing anti-tracking and ad-blocking extensions.
Credit: 3000newswire.blogs.com
Researchers at KU Leuven in Belgium have identified a number of online user tracking techniques that cannot be blocked by browsers' built-in anti-tracking defenses and existing anti-tracking and ad-blocking extensions.
The team also found no evidence these techniques are already being used by user tracking services and advertisers.
The researchers developed a framework to confirm that all imposed cookie- and request-policies are correctly applied. They say, however, "Worryingly, we found that most mechanisms could be circumvented: for instance for all ad-blocking and anti-tracking browser extensions we discovered at least one technique that could bypass the policies."
After testing seven browsers, 31 ad-blocking extensions, and 15 anti-tracking extensions, they identified seven categories of request-triggering mechanisms that can be applied to user tracking on at least one tested setup.
The tracking techniques exploit the AppCache API and its replacement Service Worker (SW) API, Javascript in PDFs, HTML tags, response headers, various redirects, and Javascript APIs.
From Help Net Security
View Full Article
Abstracts Copyright © 2018 Information Inc., Bethesda, Maryland, USA
No entries found