Beyond the internet, the term browser suggests somebody ‘viewing something in a casual manner’. Perhaps then, we should have been alerted to the fact that our internet browsers are casual in the information they give away about us.
The Electronic Frontier Foundation (EFF) last week issued a warning about web sites that track browser “fingerprints”. We are already aware of cookies and IP addresses offering websites data about their visitors, and you probably use these to build statistics to monitor your company website usage. However, EFF has now urged browser developers to consider closing a ‘new’ security risk when developing new versions.
From its own study on browser-uniqueness the EFF discovered that just how our browser is set-up can offer information as unique as a fingerprint, so our web usage could be tracked without us knowing. Looking at information accessible via a browser’s User Agent (the in-built application that communicates with the client-server providing the website you are accessing), plug-ins and even what fonts are loaded, some 94% of browsers became unique and therefore trackable – a major privacy concern.
Routinely a browser’s User Agent tells a website about what the visitor is using to view the site, so that any variations in style sheet and layout can be applied for a better visitor experience. However, the User Agent will contain over ten pieces of information about operating system and configurations that combined with geographical location and perhaps an uncommon plug-in, can create unique fingerprints in 84% of cases, and for those with Adobe Flash or Java plug-ins installed, this figure increased to 94%.
So even if you decline accepting cookies there is a fair chance when you re-visit a website, they could already know it is you returning as soon as the browser opens the page. Some online-banking systems have begun to put this to use as an added security measure but it could just as easily be used to track your website use. Obviously, a change in your browser set-up, new plug-ins etc has a big effect on the ‘finger-print’ trail but the biggest eye-opener for many will be the large amount of information easily accessible in a browser’s user agent, prompting the requests for browser developer’s to take a long hard look at the potential security risks.
For the moment though, your best bet is to change you browser settings every once in a while, check out a new plug-in, font, etc.
Are you concerned about browser fingerprints? Let us know via your comments below