Identification of the user's browser. Canvas and WebGL fingerprint as a replacement for cookies.

Cookies have long been invented To identify the user (the device on which he works). The Mechanism of user/browser detection on cookies has recently become unreliable (incognito mode, can be reset, etc.).

There are EverCookies or ZombieCookie, which try to save in a lot of places and the ordinary user is not easy to clean them, if, of course, it does not work in the cutting incognito. It does not store anything on the disk, so EverCookies will not work.

For the user’s browser identification to work and without cookies, digital fingerprint technology (fingerprint) has appeared. The Most widely used Canvas fingerprint and WebGL fingerprint. Perhaps, the most popular library for obtaining a digital imprint-FingerprintJS2, written by our compatriot Valentin Vasilyev: https://github.com/Valve/fingerprintjs2. The Vows were made a few months ago, so the development is active. In detail about the technologies of identification he tells here.

Another Common Library is ClientJS: https://clientjs.org/It also uses Canvas Fingerprint, but it doesn’t seem to have WebGL fingerpring. Liba has not been updated for 2 years, apparently the author has abandoned the project.

A Separate script for WebGL fingerprint is here: https://codepen.io/jon/pen/LLPKbz. The Hash obtained by this libe coincides with the results of https://browserleaks.com/webgl.

There is a script to calculate the Canvas Fingerprint: https://github.com/kmowery/canvas-fingerprinting.

The Most serious service for calculating fingerpring-https://www.augur.io/It has since some time ceased to be open-source and I could not find the raw when it was opensource. Now This is a “cloud” service on which I could not register to get a demo access. Well, the staff, the service is cloudy-it is not suitable for projects where you need the fastest response.

There is some project https://amiunique.org to check how much the browser is anonymous https://github.com/DIVERSIFY-project/amiunique. There are also used chunks of code to get fingerprint, but apparently they are taken with FingerprintJS2.

A Serious service for testing anonymity-https://panopticlick.eff.org/. Actually, the study of Electronic Frontier Foundation and this service led to the fact that there were technologies for calculating fingerprint, as they proved in practice that the browser can be uniquely identified in ~ 94% of cases. Unfortunately, the raw materials for calculating fingerprint they do not open. You May be using some of these libraries.

Already mentioned project https://browserleaks.com/which uses different ways of identification of the browser. It Seems that the FingerPrintJS2 code is also used.

An Interesting description of Device Fingerprint: http://www.darkwavetech.com/index.php/device-fingerprint-blog/?disp=posts.

A Curious article with a general overview and references to different fingerprint generation systems.

Browser Fingerprinting: What Is It and What Should You Do About It?

Useful links:

Spread the love
This entry was posted in IT-solutions-for-a-business. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *