In less than one second, a malicious web-page can uniquely fingerprint an Iphone, Pixel 2 or Pixel 3 without any explicit user interaction

In a new paper for IEEE Security, a trio of researchers (two from Cambridge, one from private industry) identify a de-anonymizing attack on Iphones that exploits minute differences in sensor calibration: an Iphone user who visits a webpage running the attack code can have their phone uniquely identified in less than a second, through queries to the sensors made through automated background processes running on the page. Read the rest

Firefox is getting more browser fingerprinting protection courtesy of Tor Browser's "letterboxing" technique

Even if you block cookies, many sites still track you with "browser fingerprinting," that use the unique combination of your screen resolution, browser and OS version, installed fonts and plugins, and other data that allows you to be reliably identified between sessions and across sites. Read the rest

How surveillance capitalism tracks you without cookies

Princeton computer science researchers Steven Englehardt and Arvind Narayanan (previously) have just published a new paper, Online tracking: A 1-million-site measurement and analysis, which documents the state of online tracking beyond mere cookies -- sneaky and often illegal techniques used to "fingerprint" your browsers and devices as you move from site to site, tracking you even when you explicitly demand not to be track and take countermeasures to prevent this. Read the rest