Austrian scientists created method of tracing browsers with the use of JavaScript

Group of researchers from Graz Technical University (Austria) developed an automated system for creating browser profiles using two new attacks on third-party channels, which provide information about used software and hardware and more effectively track browser on the Internet.

Specialists under the title presented the results of the study “JavaScript Template Attacks: Automatically Inferring Host Information for Targeted Exploits”.

According to them, the new method makes it easier to track browsers, helps circumvent a number of anti-snooping techniques, and demonstrates that browser-based browsing extensions “allow more information to leak out than they can disguise.”

“Using browsers differences, we can deduce information about the system, both about the software as well as the hardware. As a result, we cannot only ease creation of fingerprints, but we gain the advantage of having a more precise picture for targeted exploitation”, — report researchers.

Obtaining browser’s digital fingerprint alleviates collecting data about the user’s, such as associated software and hardware, browser type, operating system used, various headers, cookies, extensions, screen resolution, etc. This information can be collected using JavaScript.

Developed by scientists method is quite simple: at the first stage, a browser profile is created based on the list of properties available from JavaScript objects. At the second stage, data from another medium are re-collected (alternative browser or OS). Next, the two profiles are reduced to a single template, which is then used to search for variations.

These variations allow finding out about environment-related properties in Chrome, Edge, Firefox and mobile version of Tor, with which anyone can become aware about the OS, processor, installed plug-ins to ensure privacy and version of browser.

The study of scientists once again shows that to ensure complete anonymity on the Web is quite difficult, even in the case of the Tor browser, developed for protection against surveillance. As explained by experts, implemented in Tor measures to mask digital footprint may be ineffective if you take into account additional data.

“We stress that ourmethod should be used in the development of browsers and pri-vacy extensions to automatically find flaws in the implementation”, – noted scientists from Austria.


About Trojan Killer

Carry Trojan Killer Portable on your memory stick. Be sure that you’re able to help your PC resist any cyber threats wherever you go.

Check Also

MageCart on the Heroku Cloud Platform

Researchers Found Several MageCart Web Skimmers On Heroku Cloud Platform

Researchers at Malwarebytes reported about finding several MageCart web skimmers on the Heroku cloud platform …

Android Spyware CallerSpy

CallerSpy spyware masks as an Android chat application

Trend Micro experts discovered the malware CallerSpy, which masks as an Android chat application and, …

Leave a Reply