Single-browser
state of the art
Paper
Beauty and the Beast: Diverting modern web browsers to build unique browser fingerprints
Website
Features
| Attribute | Source | Function or Example |
|---|---|---|
| User agent | HTTP header | “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36” |
| Accept | HTTP header | “text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8””text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8” |
| Content encoding | HTTP header | “gzip, deflate, sdch, br” |
| Content language | HTTP header | “en-US,en;q=0.8” |
| List of plugins | JavaScript | navigator.plugins |
| Platform | JavaScript | navigator.platform |
| Cookies enabled | JavaScript | navigator.cookieEnabled |
| Do not track | JavaScript | navigator.doNotTrack |
| Timezone | JavaScript | new Date().getTimezoneOffset() |
| Screen resolution and depth | JavaScript | screen.width/height/colordepth |
| Use of local/session storage | JavaScript | localStorage/sessionStorage |
| Canvas | JavaScript | |
| WebGL Vendor | JavaScript | canvas.getContext(“…”)code 1 |
| WebGL Render | JavaScript | canvas.getContext(“…”)code 1 |
| Use of Adblock | JavaScript | Detect Adblock |
| List of fonts | Sinde-channel | List 1 in Cookieless Monstercode 2 |
| List of fonts | Flash | flash.text.Font.enumerateFonts(true) |
| Screen resolution | Flash | flash.system.Capabilities.screenResolutionX/Y |
| Platform | Flash | flash.system.Capabilities.os |
| Language | Flash | flash.system.Capabilities.language |
code 1
code 2
How to detect a specific Chrome extension is installed from regular HTML page
Each submitted extension on Chrome store has a special number.
Cross-browser
Paper
(Cross-)Browser Fingerprinting via OS and Hardware Level Features
Website
Weakness
- Small size of the training data
Only 3,615 fingerprints from 1,903 users within three months. - WebGL tasks need a significant time overhead.
Contribution
- AmIUnique considered WebGL is “too brittle and unreliable”. Because they select a random WebGL task and does not restrict many variables, such as texture, transparency, light, canvas size and anti-aliasing.
- Some differences between rendering results are very subtle, i.e., with one or two pixel variance.
- WebGL rendering is a combination of software and hardware in which the hardware contributes more than the software. The uniqueness of software rendering is definitely much lower than the one of hardware rendering but still not zero.
Features
Screen resolution
- problem: The resolution changes in Firefox and IE when the user zooms in or out the web page.
- method:
- Detect the zoom levels based on the size of a div tag and the device pixel ratio, and then adjust the screen resolution correspondingly.
- The ratio between screen width and height, which does not change with the zoom level.
- addition:
- availHeight, availWidth, availLeft, availTop, and screenOrientation.
- Users may open different browser in different screens which have different resolutions.
Number of CPU virtual cores
- method: navigator.hardwareConcurrency
- addition: Safari will cut the number available cores to Web Workers by half.
AudioContext
Peak values and their corresponding frequencies are relatively stable across browsers.
- paper: Online Tracking:
A 1-million-site Measurement and Analysis - problem: The entropy is much smaller than the entire entropy of the entire wave.
List of fonts
- problem: Not all fonts are cross-browser fingerprintable because some fonts are web specific and provided by browsers.
Line, curve and anti-aliasing
There are many existing algorithms for anti-aliasing, such as first-principles approach, signal processing approach, and mipmapping, which make anti-aliasing fingerprintable.
Vertex shader and fragment shader
Algorithm differs from one graphic card to another, making texture fingerprintable.
- Varyings: Provide an interface between Vertex and Fragment Shader. The interpolation algorithm varies in different computer graphics cards.
- Textures: Give a setting of mapping between vertexes and texture, a fragment shader calculates the color of each pixel based on the texture.
Transparency via Alpha Channel
Because some graphics cards adopt discrete alpha values, some jumps may be observed in the changes of transparency effects.
Image encoding and decoding
Different algorithms may uncover different information during decompression. Both DataURL and JPEG formats are unstable across different browsers, because these formats are with loss and implemented differently in multiple browsers and the server side as well.
- problem: a single-browser feature, and cannot be used for cross-browser
Installed writing scripts (languages)
A browser with a particular language installed will display the language correctly, and otherwise show several boxes.
WebGL tasks
The size of the canvas is 256×256. The axes of the canvas are defined as follows. [0, 0, 0] is the middle of the canvas, where x-axis is the horizontal line that increases to the right, y-axis is the vertical line that increases to the bottom, and z-axis increases when moving far from the screen. An ambient light with the power of [R: 0.3, G: 0.3, B: 0.3] on a scale of 1 is present, and a camera is placed at the location of [0, 0, -7].
Task (a): Texture
Randomly-generated texture rather than a regular will have more fingerprintable features.Task (b): Varyings
Task (b’) Anti-aliasing + Varyings
Task (c) Camera(缩小立方体,减少了差异)
Camera moved to a new location of [-1, -4, 10]Task (d) Lines and curves
Task (d’) Anti-aliasing +Anti-aliasing + Lines and curves
Task (e) Multi-models
信息熵比Task a就大了0.01Task (f) Light
a diffuse, point white light. The power of the light is 2 for each primary color, and the light source is located at [3.0, -4.0, -2.0].
模型是彩色的,单色光可能会减少一些细微的差异。光照太弱不能照亮模型,太强会让所有都变成白色。位置是随机的。
信息熵比Task a就大了一点点Task (g) Light and models
the interaction of a single, diffuse, point light and two models, because one model may create a shadow on another when illuminated by a point light.
信息熵比Task f就大了一点点信息熵就大了0.03Task (h) Specular Light
test the effects of a diffuse point light with another color and a specular point light on two models.
信息熵比Task e大了0.9(f比e大了0.01)Task (h’) Anti-aliasing + Specular Light
Task (h”) Anti-aliasing + Specular Light + Rotation
信息熵减小,稳定性增加,转了一面,信息变少了Task (i) Two Textures(差了,第一层纹理是精心挑选的)
Add another texture on the multi-models in Task e.Task (j) Alpha
- many GPUs do not accept smaller steps
- the Suzanne and sofa models are positioned so that they are partially overlapped
增加alpha的值,趋势是信息熵变大,但是有反反复复的回滚,原因是software rendering引起的
Task (k) Complex lights
因为有5000多个模型,光的反射又互相影响,所以效果拔群Task (k’) Anti-aliasing + Complex lights
Task (l) Clipping plane
贡献不大Task (m) Cubemap texture + Fresnel effect
比较好,信息多cube mapTask (n) DDS textures
微软那一套,一些浏览器不支持Task (o) PVR textures
只支持苹果设备Task (p) Float textures
比较好,信息多depthTask (q) Video (Animating Textures)
single-browser的效果好。decoding video is a combination of the browser, the driver, and sometimes the hardware as well.- Task (r) Writing Scripts