The most prominent and persistent trackers are from Google followed by Facebook and Twitter. Unsurprisingly News, Sports and Recreational websistes have the highest amount of trackers. The thing I found most interesting about this study is the analysis of new tracking methods. These are:
- Canvas Fingerprinting: The Canvas element allows websites to draw graphics according to the device. Since different devices will render the graphics differently this rendered graphic is used as a fingerprint.
- AudioContext Fingerprinting: The most interesting of these tracking methods is the use of Audio to fingerprint a device. No audio is actually played or recorded but it is calculated how exactly the audio processed on a particular device's software using the AudioContext interface. This is then hashed and used for fingerprinting the device. You can test this here (Princeton tool):
https://audiofingerprint.openwpm.com
- WebRTC: I think this is known. WebRTC can show your real IP address to websites even if you are behind a VPN, it also dhows your local IP address. While legitimate uses include finding the best peers to connect to such as in messaging, it is also used to track the users and sometimes even display ads.
- Canvas-Font Fingerprinting: Another interesting technique being used to fingerprint users is by checking how and which fonts are rendered on the device via the Canvas API. Using the obtained results to track users.
Code: Select all
https://www.mapsofindia.com/my-india/travel/khari-baoli-asias-largest-wholesale-spice-market
cdn-net.com
(domain mentioned in the Princeton study). This domain seems to belong to InAuth which is a fraud detection company. The study does mention that the unusual tracking methods are mostly being use for fraud detection but this is only due to backlash from uses.Princeton Study:
Code: Select all
https://webtransparency.cs.princeton.edu/webcensus/
Code: Select all
https://senglehardt.com/presentations/2017_01_cosic_online_tracking.pdf