Dismiss this notice
ExpressVPN Valentines 2021 Giveaway - https://www.geeks.fyi/showthread.php?tid=14246

Dismiss this notice
Internet Download Manager Giveaway - https://www.geeks.fyi/showthread.php?tid=14245

Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Custom browser protocol handlers may be used for fingerprinting
#1
Lightbulb 
Quote:
[Image: custom-protocol-handlers-fingerprinting.png]

When you install certain applications on your desktop systems, so-called custom protocol handlers may be added. These are used to launch the application in question, e.g. to initiate a Skype call or open a game on Steam.

Popular applications such as Skype, Spotify, Discord, WhatsApp, TeamViewer, or Slack make use of custom protocols.
Sites may test for support for these protocols in a browser and use the information for fingerprinting.

A demo site has been created that checks if the custom protocol handlers of 24 applications are supported (on Windows). A total of 32 different application protocol handlers are supported right now.

The identification works across operating systems and browsers. It can be used, at least in theory, to identify a user based on the results of the test alone.

The demo site computes an identifier based on its findings each time the test is run. The developers suggest that you may run the test in different browsers, e.g. Firefox, Chrome. Safari and Tor Browser, to check if you can be identified based on the support of external protocols.

Fingerprinting can be improved by using other identifying factors next to those used in the demo. The checks for the supported custom protocol handlers are clearly visibly when you run the demo in three of the four browsers that are officially supported (Chrome, Firefox and Safari).

The information may be used to identify users of the Tor browser, but also for targeted advertisement or user tracking and profiling. The type of applications that are installed may reveal valuable information to advertisers and potentially also to malicious actors. A user who has several game clients installed may respond well to game-related ads, while a TeamViewer or Slack user to business-related ads.

The developers reveal how they managed to run the identification script in the four tested browsers. They note that Google appears to be aware of this and is working on a solution to prevent the attack from taking place. It is likely that other browser companies will implement security protections of their own to block this attack from being successful.

Bugs were reported to Mozilla, Google and Apple. You can check the bug on Mozilla's bug tracking site to find out if and when it gets fixed in Firefox (and Tor).

The source code for the demos has been released on GitHub.

As far as protection in the meantime is concerned, a script-blocker may prevent the attack from being carried out in the first place.

Now You: do you have programs with custom protocol handlers installed on your devices?
...
Continue Reading
[-] The following 1 user Likes harlan4096's post:
  • silversurfer
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username:


Password:





[-]
Recent Posts
Hackers Steal FIFA 21 Source Code, Tools...
Hackers have breac...silversurfer — 07:23
Cyberpunk 2077 Hacked Data Circulating O...
Earlier this year,...silversurfer — 07:21
Baby Clothes Giant Carter’s Leaks 410K C...
Baby clothes retai...silversurfer — 07:18
Monumental Supply-Chain Attack on Airlin...
A monster cyberatt...silversurfer — 07:16
Ashampoo Snap 12: A ‘limited-comparativ...
Wow! such a great r...jasonX — 03:46

[-]
Birthdays
Today's Birthdays
avatar (27)horancos
Upcoming Birthdays
avatar (34)Tedscolo
avatar (41)brakasig
avatar (40)JamesReshy
avatar (42)Francisemefe
avatar (35)leoniDup
avatar (34)Patrizaancem
avatar (34)biobdam
avatar (35)storoBox
avatar (43)kinotHeemn
avatar (34)Ceballos1976
avatar (35)efynu

[-]
Online Staff
There are no staff members currently online.

>