If the advent of technology and its modern modifications no longer surprise you, then this next piece of news is definitely going to be your cup of tea.
A researcher has created a website that uses Google Chrome extensions installed on devices. These can further be used to create a fingerprint of a user’s device which would in turn be used to track them online.
The news comes to us after researchers claimed that it is one of the most advanced methods to produce fingerprints and further allows the online tracking process to be a streamlined affair. You see, various characteristics of a smart device can be linked to any website and these can range from GPU performance, different windows applications, resolution on a screen and figuration present on your hardware . And if that wasn’t enough, it can even go so far as to include a number of fonts.
Keeping this in mind, it is now much easier to track devices on different websites which also use a similar method for fingerprinting.
Yesterday, a leading website developer going by the name of z0ccc proved to us that his new fingerprint-based website can produce a tracking hash that’s only aligned with Chrome’s stock browser extensions.
Remember that every time you create a Chrome browser extension, you say hello to declaring certain web resources that different pages on the internet can access.
In most cases, these come in the form of image files that are considered a property of the browser file.
While this may seem like new news to so many people today, this information was made public in 2019. During that time and now, people can always check out any of the extensions they have installed.
This produces a fingerprint belonging to any visitor’s browser, solely based on the various combos seen on the extensions.
But what if you don’t want to be tracked? Well, as z0ccc says, in a case like this, you’re essentially preventing yourself from being detected using secret tokens that some extensions use. This is required to access a particular resource.
While some people have these extensions protected, others do not. And to determine the difference between those who have an additional source of protection, you can take into account the delay, because those who are protected take a long time to recover.
So to better illustrate this method. z0ccc created the extension website which checks whether web resources are available or not on Google Chrome web store.
Some common extension names you’ll find on different sites include Adobe, uBlock, ColorZilla, Grammarly, Honey, Rakuten, and LastPass.
Whatever combination of installed resources you have, you will get a particular tracking code that will track your activity.
The web developer claims that some extensions are so secure that they don’t expose anything.
Meanwhile, people who don’t have any extensions installed will have a similar fingerprint, which means they won’t be useful for tracking. On the contrary, those who have bundles of extensions will have a rare fingerprint which will be used for web tracking.
In the event that a particular fingerprint wishes to be refined, we can add a series of additional features to the template and this adds a unique touch.
Interestingly, this method will only work with Chrome browsers, which means Mozilla Firefox or its associated credentials will not work.
So far, z0ccc hasn’t collected any information via tracking, but its own personal testing has shown how the most found extension fingerprint was the uBlock.
Extension Fingerprints is currently available as a public project where anyone can submit queries in terms of extensions already installed.
Read next: Phishing attacks broke all records in Q1 2022