October 30, 2015
Günes Acar
In this talk, we give an overview of three recent studies on advanced web tracking mechanisms, namely browser fingerprinting, evercookies and cookie syncing. These tracking mechanisms can be differentiated from their conventional counterparts (e.g. cookies) by their potential to circumvent users’ tracking preferences, being hard to discover and resilient to removal. We will present the results from our large-scale analysis of font-based fingerprinting (CCS'13), canvas fingerprinting, evercookies and cookie syncing (CCS'14). Moreover, we present our work on HTML5 Battery Status API (DPM'15), which highlighted the privacy risks associated with the API. These include short term tracking by battery information and exploiting the high precision readouts provided by Firefox on Linux to discover the capacity of users' batteries.