Home → News → Researchers Reveal New Online ­ser Tracking Techniques → Full Text

Researchers Reveal New Online ­ser Tracking Techniques

By Help Net Security

August 23, 2018

[article image]

Researchers at KU Leuven in Belgium have identified a number of online user tracking techniques that cannot be blocked by browsers' built-in anti-tracking defenses and existing anti-tracking and ad-blocking extensions.

The team also found no evidence these techniques are already being used by user tracking services and advertisers.

The researchers developed a framework to confirm that all imposed cookie- and request-policies are correctly applied. They say, however, "Worryingly, we found that most mechanisms could be circumvented: for instance for all ad-blocking and anti-tracking browser extensions we discovered at least one technique that could bypass the policies."

After testing seven browsers, 31 ad-blocking extensions, and 15 anti-tracking extensions, they identified seven categories of request-triggering mechanisms that can be applied to user tracking on at least one tested setup.

The tracking techniques exploit the AppCache API and its replacement Service Worker (SW) API, Javascript in PDFs, HTML tags, response headers, various redirects, and Javascript APIs.

From Help Net Security
View Full Article


Abstracts Copyright © 2018 Information Inc., Bethesda, Maryland, USA


No entries found