There is no new content.

» Go to the full list

Recent comments

» 2018.02.03. 18:24:02, Note for Firefox @ Preventing misuses and misapprehensions of FireGloves

» 2017.03.12. 20:02:46, Namrata Nayak @ Predicting anonymity with machine learning in social networks

» 2017.01.13. 20:51:19, anonymous @ Preventing misuses and misapprehensions of FireGloves

» 2016.06.12. 13:52:44, Dany_HackerVille @ Preventing misuses and misapprehensions of FireGloves

» 2014.08.29. 17:16:15, [anonymous] @ Preventing misuses and misapprehensions of FireGloves


3 results.

MyTrackingChoices: An attempt to end the AdBlock war

| | 2016.02.11. 05:18:33  Jagdish Achara  
In the last few years, as a result of the proliferation of intrusive and privacy-invading ads, the use of ad-blockers and anti-tracking tools have become widespread. As of the second quarter of this year, 16% of online Americans, about 45 million people, had installed ad-blocking software, according to PageFair 2015 report. Meanwhile, 77 millions Europeans are blocking ads. All this accounts globally for $21,8 billion worth of blocked ads. The Internet economy is in danger since ads fuel the free content and services over Internet.

As opposed to existing ad blockers that take a binary approach (i.e., block everything if you install them or block nothing otherwise), MyTrackingChoices aims to provide users fine-grained choices about tracking and thereby, categories of Web pages where they're ok or not to receive ads. MyTrackingChoices allows users to choose on which sites (more specifically, on which categories of sites) they want to block the trackers. For example, a user can choose to block the trackers and therefore, ads, on sites related to health or religion, but may choose not to block the trackers on sites related to sports or news.

We assume that a significant proportion of users are not against advertisements, but want to keep control over their data. We believe that some sites are more sensitive than others. In fact, most people don’t want to be tracked on “sensitive” websites (for example related to religion, health,…), but don’t see any problem to be tracked on less sensitive ones (such as news, sport,…). This extension allows you to take control and specify which on which categories of sites you don’t want to be tracked on! Furthermore, the extension also gives you the option to block the trackers on specific websites.

This solution is different from other anti-tracking tools in two ways. First, existing anti-tracking tools give users the option to decide by which entity they don't want to be tracked. However, we believe that most users are concerned with other dimension, i.e., where they don't want to be tracked. Also, this is easy for most users to understand and configure the categories of the websites that are sensitive to them instead of choosing what trackers they want to block. Therefore, we provide this option to users. Secondly, unlike other anti-tracking or ad-blocking tools, we don't block the network requests of all trackers right away because this has an effect on Internet economy. We let user choose the categories (health, religion) of Web-pages that are privacy-sensitive to them and block the trackers on those pages only. 

Tags: web bug, transparency-enhancing technologies, web tracking


0 comment(s).

New privacy awareness raising website:

| | 2016.01.28. 12:52:53  Gulyás Gábor  

As the web lacks nice recaps on how web tracking works and what are the fundamental problems with it, I launched a new website at that aims to fill the gap. Besides describing the state-of-the-art of tracking, it also provides access to our related privacy projects, and fresh and curated news on the topic, too. If you like it, please share it, and if you have comments, don't hesitate to contact!

Note: a Hungarian translation exists at, and if you would to provide a translation on your own language, don't hesitate to contact me. I think it could be done in a couple of hours.

This post originally appeared in the professional blog of Gábor Gulyás.

Tags: web bug, web privacy, tracking, projects


0 comment(s).

Device fingerprinting by font-rendering differences

| | 2015.07.21. 05:51:39  Gulyás Gábor  

In 2012, we demonstrated that the OS can be fingerprinted by checking the presence of a greater variety of front (hey, we also have a paper on that). In addition, we showed this by using JavaScript only that was running from a website. This project seems to have more detailed results on this issue, as the authors went further than checking the presence of of a font: they checked how characters are rendered with a given font in different browser. This surely gives more details than 0/1, and according to their results they could use this information solely to make 34% of their submissions uniquely identifiable:

We describe a web browser fingerprinting technique based on measuring the onscreen dimensions of font glyphs. Font rendering in web browsers is affected by many factors—browser version, what fonts are installed, and hinting and antialiasing settings, to name a few— that are sources of fingerprintable variation in end-user systems. We show that even the relatively crude tool of measuring glyph bounding boxes can yield a strong fingerprint, and is a threat to users' privacy. Through a user experiment involving over 1,000 web browsers and an exhaustive survey of the allocated space of Unicode, we find that font metrics are more diverse than User-Agent strings, uniquely identifying 34% of participants, and putting others into smaller anonymity sets. Fingerprinting is easy and takes only milliseconds. We show that of the over 125,000 code points examined, it suffices to test only 43 in order to account for all the variation seen in our experiment. Font metrics, being orthogonal to many other fingerprinting techniques, can augment and sharpen those other techniques.

We seek ways for privacy-oriented web browsers to reduce the effectiveness of font metric–based fingerprinting, without unduly harming usability. As part of the same user experiment of 1,000 web browsers, we find that whitelisting a set of standard font files has the potential to more than quadruple the size of anonymity sets on average, and reduce the fraction of users with a unique font fingerprint below 10%. We discuss other potential countermeasures.

You can find the paper here.

Tags: web bug, fingerprint, tracking, font, device identifier


0 comment(s).

© International PET Portal, 2010 | Imprint | Terms of Use | Privacy Policy