Английская Википедия:Device fingerprint

Шаблон:Short description A device fingerprint or machine fingerprint is information collected about the software and hardware of a remote computing device for the purpose of identification. The information is usually assimilated into a brief identifier using a fingerprinting algorithm. A browser fingerprint is information collected specifically by interaction with the web browser of the device.Шаблон:R

Device fingerprints can be used to fully or partially identify individual devices even when persistent cookies (and zombie cookies) cannot be read or stored in the browser, the client IP address is hidden, or one switches to another browser on the same device.Шаблон:R This may allow a service provider to detect and prevent identity theft and credit card fraud,Шаблон:R but also to compile long-term records of individuals' browsing histories (and deliver targeted advertising Шаблон:R or targeted exploits Шаблон:R) even when they are attempting to avoid tracking – raising a major concern for internet privacy advocates.Шаблон:R

History

Шаблон:Update Basic web browser configuration information has long been collected by web analytics services in an effort to measure real human web traffic and discount various forms of click fraud. Since its introduction in the late 1990s, client-side scripting has gradually enabled the collection of an increasing amount of diverse information, with some computer security experts starting to complain about the ease of bulk parameter extraction offered by web browsers as early as 2003.Шаблон:R

In 2005, researchers at the University of California, San Diego showed how TCP timestamps could be used to estimate the clock skew of a device, and consequently to remotely obtain a hardware fingerprint of the device.Шаблон:R

In 2010, Electronic Frontier Foundation launched a website where visitors can test their browser fingerprint.Шаблон:R After collecting a sample of 470161 fingerprints, they measured at least 18.1 bits of entropy possible from browser fingerprinting,Шаблон:R but that was before the advancements of canvas fingerprinting, which claims to add another 5.7 bits.

In 2012, Keaton Mowery and Hovav Shacham, researchers at University of California, San Diego, showed how the HTML5 canvas element could be used to create digital fingerprints of web browsers.Шаблон:R

In 2013, at least 0.4% of Alexa top 10,000 sites were found to use fingerprinting scripts provided by a few known third parties.Шаблон:R

In 2014, 5.5% of Alexa top 10,000 sites were found to use canvas fingerprinting scripts served by a total of 20 domains. The overwhelming majority (95%) of the scripts were served by AddThis, which started using canvas fingerprinting in January that year, without the knowledge of some of its clients.Шаблон:R

In 2015, a feature to protect against browser fingerprinting was introduced in Firefox version 41,^[1] but it has been since left in an experimental stage, not initiated by default.^[2]
The same year a feature named Enhanced Tracking Protection was introduced in Firefox version 42 to protect against tracking during private browsing^[3] by blocking scripts from third party domains found in the lists published by Disconnect Mobile.

At WWDC 2018 Apple announced that Safari on macOS Mojave "presents simplified system information when users browse the web, preventing them from being tracked based on their system configuration."^[4]

In 2019, starting from Firefox version 69, Enhanced Tracking Protection has been turned on by default for all users also during non-private browsing.^[5] The feature was first introduced to protect private browsing in 2015 and was then extended to standard browsing as an opt-in feature in 2018.

Diversity and stability

Motivation for the device fingerprint concept stems from the forensic value of human fingerprints.

In order to uniquely distinguish over time some devices through their fingerprints, the fingerprints must be both sufficiently diverse and sufficiently stable. In practice neither diversity nor stability is fully attainable, and improving one has a tendency to adversely impact the other. For example, the assimilation of an additional browser setting into the browser fingerprint would usually increase diversity, but it would also reduce stability, because if a user changes that setting, then the browser fingerprint would change as well.Шаблон:R

A certain degree of instability can be compensated by linking together fingerprints that, although partially different, might probably belong to the same device. This can be accomplished by a simple rule-based linking algorithm (which, for example, links together fingerprints that differ only for the browser version, if that increases with time) or machine learning algorithms.Шаблон:R

Entropy is one of several ways to measure diversity.

Sources of identifying information

Applications that are locally installed on a device are allowed to gather a great amount of information about the software and the hardware of the device, often including unique identifiers such as the MAC address and serial numbers assigned to the machine hardware. Indeed, programs that employ digital rights management use this information for the very purpose of uniquely identifying the device.

Even if they are not designed to gather and share identifying information, local applications might unwillingly expose identifying information to the remote parties with which they interact. The most prominent example is that of web browsers, which have been proved to expose diverse and stable information in such an amount to allow remote identification, see Шаблон:Section link.

Diverse and stable information can also be gathered below the application layer, by leveraging the protocols that are used to transmit data. Sorted by OSI model layer, some examples of protocols that can be utilized for fingerprinting are:

OSI Layer 7: SMB, FTP, HTTP, Telnet, TLS/SSL, DHCP^[6]
OSI Layer 5: SNMP, NetBIOS
OSI Layer 4: TCP (see TCP/IP stack fingerprinting)
OSI Layer 3: IPv4, IPv6, ICMP, IEEE 802.11 Шаблон:R
OSI Layer 2: CDP^[7]

Passive fingerprinting techniques merely require the fingerprinter to observe traffic originated from the target device, while active fingerprinting techniques require the fingerprinter to initiate connections to the target device. Techniques that require interaction with the target device over a connection initiated by the latter are sometimes addressed as semi-passive.Шаблон:R

Browser fingerprint

The collection of a large amount of diverse and stable information from web browsers is possible for most part due to client-side scripting languages, which were introduced in the late 1990s. Today there are several open-source browser fingerprinting libraries, such as FingerprintJS, ImprintJS, and ClientJS, where FingerprintJS is updated the most often and supersedes ImprintJS and ClientJS to a large extent.^[8]

Browser version

Шаблон:Main Browsers provide their name and version, together with some compatibility information, in the User-Agent request header.^[9]^[10] Being a statement freely given by the client, it should not be trusted when assessing its identity. Instead, the type and version of the browser can be inferred from the observation of quirks in its behavior: for example, the order and number of HTTP header fields is unique to each browser familyШаблон:R and, most importantly, each browser family and version differs in its implementation of HTML5,Шаблон:R CSS Шаблон:R and JavaScript.Шаблон:R Such differences can be remotely tested by using JavaScript. A Hamming distance comparison of parser behaviors has been shown to effectively fingerprint and differentiate a majority of browser versions.Шаблон:R

JavaScript object manipulation is specific to each browser family
Browser family	Property deletion (of navigator object)	Reassignment (of navigator/screen object)
Google Chrome	allowed	allowed
Microsoft Edge	no data	no data
Mozilla Firefox	ignored	ignored
Opera	allowed	allowed
Internet Explorer	ignored	ignored

Browser extensions

A combination of extensions or plugins unique to a browser can be added to a fingerprint directly.Шаблон:R Extensions may also modify how any other browser attributes behave, adding additional complexity to the user's fingerprint.Шаблон:R Adobe Flash and Java plugins were widely used to access user information before their deprecation.Шаблон:R

Hardware properties

User agents may provide system hardware information, such as phone model, in the HTTP header.Шаблон:R Properties about the user's operating system, screen size, screen orientation, and display aspect ratio can be also retrieved by using JavaScript to observe the result of CSS media queries.Шаблон:R

Browsing history

The fingerprinter could determine which sites the browser had previously visited within a list it provided, by querying the list using JavaScript with the CSS selector Шаблон:Code.Шаблон:R Typically, a list of 50 popular websites were sufficient to generate a unique user history profile, as well as provide information about the user's interests.Шаблон:R However, browsers have since then mitigated this risk.^[11]

Font metrics

The letter bounding boxes differ between browsers based on anti-aliasing and font hinting configuration and can be measured by JavaScript.Шаблон:R

Canvas and WebGL

Шаблон:Main Canvas fingerprinting uses the HTML5 canvas element,^[12] which is used by WebGL to render 2D and 3D graphics in a browser, to gain identifying information about the installed graphics driver, graphics card, or graphics processing unit (GPU). Canvas-based techniques may also be used to identify installed fonts.Шаблон:R Furthermore, if the user does not have a GPU, CPU information can be provided to the fingerprinter instead.

A canvas fingerprinting script first draws text of specified font, size, and background color. The image of the text as rendered by the user's browser is then recovered by the ToDataURL Canvas API method. The hashed text-encoded data becomes the user's fingerprint.Шаблон:R Canvas fingerprinting methods have been shown to produce 5.7 bits of entropy. Because the technique obtains information about the user's GPU, the information entropy gained is "orthogonal" to the entropy of previous browser fingerprint techniques such as screen resolution and JavaScript capabilities.Шаблон:R

Hardware benchmarking

Benchmark tests can be used to determine whether a user's CPU utilizes AES-NI or Intel Turbo Boost by comparing the CPU time used to execute various simple or cryptographic algorithms.Шаблон:R

Specialized APIs can also be used, such as the Battery API, which constructs a short-term fingerprint based on the actual battery state of the device,Шаблон:R or OscillatorNode, which can be invoked to produce a waveform based on user entropy.Шаблон:R

A device's hardware ID, which is a cryptographic hash function specified by the device's vendor, can also be queried to construct a fingerprint.Шаблон:R

Mitigation methods for browser fingerprinting

Different approaches exist to mitigate the effects of browser fingerprinting and improve users' privacy by preventing unwanted tracking, but there is no ultimate approach that can prevent fingerprinting while keeping the richness of a modern web browser.

Offering a simplified fingerprint

Шаблон:Update

Файл:Typical Tor Browser notification of a canvas read attempt.png

Typical Tor Browser notification of a website attempting a canvas read.

Users may attempt to reduce their fingerprintability by selecting a web browser which minimizes the availability of identifying information, such as browser fonts, device ID, canvas element rendering, WebGL information, and local IP address.Шаблон:R

As of 2017 Microsoft Edge is considered to be the most fingerprintable browser, followed by Firefox and Google Chrome, Internet Explorer, and Safari.Шаблон:R Among mobile browsers, Google Chrome and Opera Mini are most fingerprintable, followed by mobile Firefox, mobile Edge, and mobile Safari.Шаблон:R

Tor Browser disables fingerprintable features such as the canvas and WebGL API and notifies users of fingerprint attempts.Шаблон:R

Offering a spoofed fingerprint

Spoofing some of the information exposed to the fingerprinter (e.g. the user agent) may create a reduction in diversity,Шаблон:R but the contrary could be also achieved if the spoofed information differentiates the user from all the others who do not use such a strategy more than the real browser information.Шаблон:R

Spoofing the information differently at each site visit, for example by perturbating the sound and canvas rendering with a small amount of random noise, allows a reduction of stability.Шаблон:R This technique has been adopted by the Brave browser in 2020.^[13]

Blocking scripts

Blindly blocking client-side scripts served from third-party domains, and possibly also first-party domains (e.g. by disabling JavaScript or using NoScript) can sometimes render websites unusable. The preferred approach is to block only third-party domains that seem to track people, either because they are found on a blacklist of tracking domains (the approach followed by most ad blockers) or because the intention of tracking is inferred by past observations (the approach followed by Privacy Badger).Шаблон:R

Using multiple browsers

Different browsers on the same machine would usually have different fingerprints, but if both browsers are not protected against fingerprinting, then the two fingerprints could be identified as originating from the same machine.Шаблон:R

References

Шаблон:Reflist

External links

Panopticlick, by the Electronic Frontier Foundation, gathers some elements of a browser's device fingerprint and estimates how identifiable it makes the user
Am I Unique, by INRIA and INSA Rennes, implements fingerprinting techniques including collecting information through WebGL.

[1] Шаблон:Cite web

[2] Шаблон:Cite web

[3] Шаблон:Cite web

[4] Шаблон:Cite web

[5] Шаблон:Cite web

[6] Шаблон:Cite web

[7] Шаблон:Cite web

[8] Шаблон:Cite web

[9] Шаблон:Cite web

[10] Шаблон:Cite web

[11] Шаблон:Cite web

[12] Шаблон:Cite journal

[13] Шаблон:Cite web

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

Партнерские ресурсы
Криптовалюты	Обмен криптовалют - www.bestchange.ru Криптовалютная биржа CoinEx Криптовалютная биржа Binance HIVE OS - операционная система для майнинга e4pool - Мультивалютный пул для майнинга.
Магазины	AliExpress — глобальная виртуальная (в Интернете) торговая площадка, предоставляющая возможность покупать товары производителей из КНР; computeruniverse.net - Интернет-магазин компьютеров(Промо код 5 Евро на первую покупку:FWWC3ZKQ);
Хостинг	DigitalOcean - американский провайдер облачных инфраструктур, с главным офисом в Нью-Йорке и с центрами обработки данных по всему миру;
Разное	Викиум - Онлайн-тренажер для мозга Like Центр - Центр поддержки и развития предпринимательства. Gamersbay - лучший магазин по бустингу для World of Warcraft. Ноотропы OmniMind N°1 - Усиливает мозговую активность. Повышает мотивацию. Улучшает память. Санкт-Петербургская школа телевидения - это федеральная сеть образовательных центров, которая имеет филиалы в 37 городах России. Lingualeo.com — интерактивный онлайн-сервис для изучения и практики английского языка в увлекательной игровой форме. Junyschool (Джунискул) – международная школа программирования и дизайна для детей и подростков от 5 до 17 лет, где ученики осваивают компьютерную грамотность, развивают алгоритмическое и креативное мышление, изучают основы программирования и компьютерной графики, создают собственные проекты: игры, сайты, программы, приложения, анимации, 3D-модели, монтируют видео. Умназия - Интерактивные онлайн-курсы и тренажеры для развития мышления детей 6-13 лет SkillBox - это один из лидеров российского рынка онлайн-образования. Среди партнеров Skillbox ведущий разработчик сервисного дизайна AIC, медиа-компания Yoola, первое и самое крупное русскоязычное аналитическое агентство Tagline, онлайн-школа дизайна и иллюстрации Bang! Bang! Education, оператор PR-рынка PACO, студия рисования Draw&Go, агентство performance-маркетинга Ingate, scrum-студия Sibirix, имидж-лаборатория Персона. «Нетология» — это университет по подготовке и дополнительному обучению специалистов в области интернет-маркетинга, управления проектами и продуктами, дизайна, Data Science и разработки. В рамках Нетологии студенты получают ценные теоретические знания от лучших экспертов Рунета, выполняют практические задания на отработку полученных навыков, общаются с экспертами и единомышленниками. Познакомиться со всеми продуктами подробнее можно на сайте https://netology.ru, линейка курсов и профессий постоянно обновляется. StudyBay Brazil – это онлайн биржа для португалоговорящих студентов и авторов! Студент получает уникальную работу любого уровня сложности и больше свободного времени, в то время как у автора появляется дополнительный заработок и бесценный опыт. Автор24 — самая большая в России площадка по написанию учебных работ: контрольные и курсовые работы, дипломы, рефераты, решение задач, отчеты по практике, а так же любой другой вид работы. Сервис сотрудничает с более 70 000 авторов. Более 1 000 000 работ уже выполнено. StudyBay – это онлайн биржа для англоязычных студентов и авторов! Студент получает уникальную работу любого уровня сложности и больше свободного времени, в то время как у автора появляется дополнительный заработок и бесценный опыт.