Saturday, 26 July 2014

AddThis Tests 'Canvas Fingerprint' to Replace Cookies in 5,000+ Popular Sites

A study conducted by Princeton University and Belgium’s KU Leuven University revealed that more than 5,000 of the top websites in the world have been testing "canvas fingerprint" technology intended to replace cookies, to track user data with most using popular widget AddThis.

ProPublica insists that canvas fingerprints are "nearly impossible to block," and PC World describes the technology with the following:
"An invisible image was sent to the browser, which rendered it and sent data back to the server. That data can then be used to create a 'fingerprint' of the computer, which could be useful for identifying the computer and serving targeted advertisements."
AddThis Chief Executive Rich Harris accounted for their testing by saying they were seeking a "cookie alternative." According to ProPublica, Harris "considered the privacy implications of canvas fingerprinting before launching the test, but decided 'this is well within the rules and regulations and laws and policies that we have.'"

Cookies have been around since the 1990s, and many internet users have routinely started to circumvent their influence.  Canvas fingerprints signaled the potential to track users' history in more covert ways, and AddThis appears to have tested their efficacy on thousands of sites, including and YouPorn.

ProPublica explains, "[Canvas] fingerprints are unusually hard to block: They can’t be prevented by using standard Web browser privacy settings or using anti-tracking tools such as AdBlock Plus." You can test the canvas fingerprint technology yourself on ProPublica, to see what kind of image you produce to be translated into a unique ID number with the Canvas Fingerprinting in Action feature.

Below is an example, using ProPublica's feature:

In order to curb the effects of canvass fingerprinting, ProPublica suggests the following strategies:
  • Use the Tor browser (Warning: can be slow)
  • Block JavaScript from loading in your browser (Warning: breaks a lot of web sites)
  • Use NoScript browser extension to block JavaScript from known fingerprinters such as AddThis (Warning: requires a lot of research and decision-making)
  • Use a browser extension that blocks JavaScript from known ad tracking companies such as AddThis. Extensions include Disconnect or AdBlockPlus browser extension with the EasyPrivacy filter installed. (Warning: Only blocks known ad tracking companies; other websites could still employ canvas fingerprinting)
  • Try the experimental browser extension Chameleon that is designed to block fingerprinting (Warning: only recommended for tech-savvy users at this point)
  • Install opt-out cookies from known fingerprinters such as AddThis (Warning: fingerprint will likely still be collected, companies simply pledge not to use the data for ad targeting or personalization)

No comments:

Post a Comment