A few years ago, security researchers discovered an easy way to get “fingerprints” of individual users in Google Chrome by checking which extensions the user has installed.
If you have more than three extensions installed, the probability is low that you have exactly the same set as many others, and combined with other available information such as what language Chrome is set in, what time zone you are in and so on, it is possible to produce a unique digital fingerprints that can track you around the web.
Additional developers have begun to protect themselves against this by stopping anyone from reading the installed files of the add-ons, but security researcher “z0ccc” has found a way to circumvent the protection and continue to track users, writes Bleeping Computer.
The security researcher uses a so-called timing attack which is about measuring how long it takes to retrieve resources – resources for add-ons that are not installed take less time to get difficult (they do not exist) than resources for installed but protected add-ons. In this way, it is possible to scan for quick additions relatively quickly.
This method of developing digital fingerprints only works in Chromium-based browsers such as Chrome, the new Edge, Opera, Brave and Vivaldi.
.
[related_posts_by_tax taxonomies=”post_tag”]
The post Researchers succeed in tracking users with Google Chrome extensions appeared first on Gamingsym.