HTML5 Canvas Fingerprinting
Posted: 2014-08-15, 10:42
gHacks published recently an interesting article on How companies use Canvas Fingerprinting to track you online ( http://www.ghacks.net/2014/07/21/companies-use-canvas-fingerprinting-track-online/ ).
HTML5 Canvas is not in itself a bad thing, sometimes it is required but, as cookies, it is abused by certain domains to make it contribute to plain fingerprinting, that is tracking.
After having read that article I thought this practice was that of very few domains, and as I left that problematic aside.
Now, I've discovered a new add-on working nicely on Pale Moon 24.7.1 which is CanvasBlocker at https://addons.mozilla.org/en-US/firefox/addon/canvasblocker/
And now, a real surprise to discover the number of domains which actually use this HTML5 Canvas for fingerprinting. Amazing. Among my bookmarks, at this time perhaps around 10%
One can test the browser's Canvas support on http://www.browserleaks.com/canvas
With CanvasBlocker installed and enabled on a per-site basis, HTML5 Canvas Fingerprinting is forbidden for that site. The add-on handles white and black lists.
Enabled for the test site on Browserleaks.com, here is what appears, with my notice on the right :
It works, so I'll share this info for whom may be interested.
HTML5 Canvas is not in itself a bad thing, sometimes it is required but, as cookies, it is abused by certain domains to make it contribute to plain fingerprinting, that is tracking.
After having read that article I thought this practice was that of very few domains, and as I left that problematic aside.
Now, I've discovered a new add-on working nicely on Pale Moon 24.7.1 which is CanvasBlocker at https://addons.mozilla.org/en-US/firefox/addon/canvasblocker/
And now, a real surprise to discover the number of domains which actually use this HTML5 Canvas for fingerprinting. Amazing. Among my bookmarks, at this time perhaps around 10%
One can test the browser's Canvas support on http://www.browserleaks.com/canvas
With CanvasBlocker installed and enabled on a per-site basis, HTML5 Canvas Fingerprinting is forbidden for that site. The add-on handles white and black lists.
Enabled for the test site on Browserleaks.com, here is what appears, with my notice on the right :
It works, so I'll share this info for whom may be interested.