Slashdot Mirror

← Back to Stories (view on slashdot.org)

A New Use For Browser Fingerprints: Defeating Spoofing (browserprint.info)

Posted by EditorDavid on from the busted-by-behavior dept.

AnonymousCube writes: Researchers at the University of Adelaide have found a new use for browser fingerprints: uncovering and defeating spoofing by web browsers. By using machine learning on browser fingerprints they were able to correctly guess the OS or browser family of a browser 90% of the time, and defeat operating system and browser family spoofing 76% of the time. This was done with small training sets of less than 1000 fingerprints, so accuracy with a much larger training set, like the size of the EFF's Panopticlick database should give even better results; you can help prove this, and see what their site thinks your browser family and OS is, by submitting your fingerprint to their site.

3 of 64 comments (clear)

  1. You built the better mouse trap. by Opportunist · · Score: 5, Informative

    We now have to evolve the better mouse.

    Dear fingerprinters: It might surprise you, but we don't want this to happen. We want the non-mobile version of your damn webpage on our mobile phone if we go out of our way to pretend we're not on a mobile device. Because guess what: Your mobile version almost invariably sucks and is unusable. Forcing us to use what YOU want us to use instead of allowing us to choose what WE want to choose leads to us not using your service at all.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    1. Re:You built the better mouse trap. by GargamelSpaceman · · Score: 5, Informative

      They can even get you by canvas fingerprinting and web3d fingerprinting where they use various drawing apis to create an image and then send back the checksum of that image to create a fairly unique fingerprint.

      CanvasBlocker sends a fake one, but then they know you are faking it. Or you can shut off access to the api, but then THAT flags you as unique for returning nothing but zeroes.

      I have yet to be able to produce a browser fingerprint that isn't unique using any combination of addons.

      We need some standardization. Then people could download an addon that produces at least the same fingerprint as all other users of that addon giving some space to hide in.

      --
      ...
  2. double plus ungood by Anonymous Coward · · Score: 4, Informative

    You do not call it "fighting spoofing". You must call it "reducing privacy, usability and anonymity". Doesn't sound so good now, does it?