CWTV

The Elephant In The Background: Empowering Users Against Browser Fingerprinting

Chaos-West TV
Julian Fietkau
This talk will be about FPMON, a browser extension that shows you where, when and which browser fingerprinting method is applied against you. You can use it to test your favorite websites and check your own services for 3rd-party fingerprinting scripts. It can also be used to test various browser privacy tools.
Tracking users is a ubiquitous practice in the web today. User activity is recorded on a large scale and analyzed by various actors to create personalized products, forecast future behavior, and prevent online fraud. While so far HTTP cookies have been the weapon of choice, new and more pervasive techniques such as browser fingerprinting are gaining traction. Hence, in this paper, we describe how users can be empowered against fingerprinting by showing them when, how, and who is tracking them using JavaScript fingerprinting. To this end, we conduct a systematic analysis of various fingerprinting tools. Based on this analysis, we design and develop FPMON: a light-weight and comprehensive fingerprinting monitor that measures and rates JavaScript fingerprinting activity on any given website in real-time. Using FPMON, we evaluate the 10k most popular websites to i) study the pervasiveness of JavaScript fingerprinting; ii) review the latest fingerprinting countermeasures; and iii) identify the major networks that foster the use of fingerprinting. Our evaluations reveal that i) fingerprinters are present on many popular websites with sensitive contents (finance, news, NGOs, health, etc.); ii) they run without user consent and subvert current privacy regulations; and iii) most countermeasures can not sufficiently protect users. Hence, we publish FPMON as a free browser extension to empower users against this growing threat.

Additional information

Type Talk
Language English

More sessions

12/27/20
CWTV
Lars Roemheld
Chaos-West TV
Die Corona-Warn-App (CWA) verkörpert ein Novum von (einigermaßen) agilem staatlichen Handeln im Bereich Software. Wie kam es dazu? Dieser Vortrag erzählt die Geschichte der Entstehung aus einer Innenperspektive.
12/27/20
CWTV
DysphoricUnicorn
Chaos-West TV
A quick dive into best practices including but not limited to semantic HTML and aria attributes and how they can make your website usable by a wider audience with relatively low effort.
12/27/20
CWTV
Hendrik Heuer
Chaos-West TV
This talk explains why audits are a useful method to ensure that machine learning systems operate in the interest of the public. Scripts to perform such audits are released and explained to empower civic hackers.
12/27/20
CWTV
Jolly
Chaos-West TV
Was war das C-Netz? Was ist eine C-Netz-Basisstation? Was ist die Funkvermittlungsstelle? Wie bringt man damit die Basisstation wieder zum Laufen?
12/27/20
CWTV
betalars
Chaos-West TV
Gute Autismusrepresentation in Medien ist wichtig, aber auch schwer. In diesem Vortrag möchten wir uns angucken, wie autistische Menschen in Medien dargestellt werden und, was wir selbst an schlechten Beispielen über Empathie lernen können.
12/27/20
CWTV
Chaos-West TV
Noch nie war gemeinsammes Waffeln backen und verzehren so kompliziert wie dieses Jahr. Doch davon lässt sich das Chaos nicht aufhalten. Überall haben Hacksen, Hacker und alle Wesen des Chaos sich versammelt um unter dem Motto “Waffeln everywhere” gemeinsam eine wohlschmeckende remote Waffel Erfahrung zu haben.
12/28/20
CWTV
pathfinder
Chaos-West TV
An exploration of the available data discovered worldwide by probing MQTT endpoints. MQTT is a popular IoT protocol which, due to configuration, oversight or error (or all three), can be found open globally with at times highly personal data published for all to see. This talk encompasses the speaker's journey through developing a framework of parsing and exploring large datasets and building data collection and monitoring automation, showcasing the sheer lack of attention given to protection of ...