Pages

New Website Uses Google Chrome Extensions To Produce Fingerprints That Track Users Online

If the advent of technology and its modern modifications ceases to surprise you, then this next piece of news is definitely going to be your cup of tea.

One researcher has made a website that makes use of Google Chrome extensions that are installed on devices. These can further be utilized to make a fingerprint of a user's device and that would in turn be used to track them online.

The news comes to us after researchers claim this is one of the most advanced methods to produce fingerprints and further allows the online tracking process to be a simplified affair. See, various characteristics of a smart device can link to any website and these can range from GPU performance, different Windows apps, resolution on a screen, and the figuration present across your hardware. And if that wasn’t enough, it can even go as far as including a number of fonts.

Keeping that in mind, it’s just so much simpler now to track devices across different websites that make use of a similar method for fingerprinting too.

Yesterday, a leading website developer who goes by the name z0ccc proved to us that his new website that’s based on fingerprinting can produce a tracking hash that’s solely aligned with Chrome’s stored browser extensions.

Remember, whenever you happen to create any Chrome browser extension, you are saying hello to the declaration of certain web resources that various pages on the internet can gain access to.

On most occasions, these arise in the form of image files that are seen as property belonging to the browser’s file.

While it might seem to be new news for so many people out there today, this information went public in 2019. During that time and now, people can always check any of the extensions that they’ve installed.

This produces a fingerprint belonging to any visitor’s browser, solely depending on the different combos seen on the extensions.

But what if you don’t want to be tracked? Well, as z0ccc says that in a case like this, you basically prevent yourself from being detected through the help of secret tokens that some extensions make use of. This is needed to gain access to any particular resource.

While some people have these protected extensions, others may not. And to determine the difference between those with an added source of protection, you can take the timing into consideration as protected ones take a long time to fetch.

So to better illustrate this method. z0ccc created the extension website that checks if the web resources are available or not on Google Chrome’s web store.

Some common names of extensions that you’ll find on different sites include Adobe, uBlock, ColorZilla, Grammarly, Honey, Rakuten, and LastPass.

Whatever combo of installed resources you have, you’ll get a particular tracking code that will go about tracking your activity.

The web developer does claim that certain extensions are so secure that they don’t expose anything.

Meanwhile, those people who have zero installed extensions are going to have a similar fingerprint and that means they will not serve any purpose for tracking. On the contrary, those with bundles of extensions will be having a rare fingerprint that will be used for web tracking.

In case a particular fingerprint wants to be refined, we can add a series of additional characteristics to the model and that adds a unique touch.

Interestingly, this method will only work with Chrome Browsers and that means Mozilla Firefox or its related IDs won’t work.

For now, z0ccc hasn’t collected any information through tracking but his own personal tests have gone about showing how the most found extension fingerprint was the uBlock.

Extension fingerprints are currently available as a public project that anyone can send out queries for in terms of already installed extensions.


Read next: Phishing Attacks Broke All Records in the First Quarter of 2022

No comments: