On the Web there are numerous strategies that allow users to be tracked. We already understand that our individual data has fantastic worth on the Internet and that it can be targeted by third parties for profit. In this article we echo a method that might be utilized for this. These are favicons, which can be utilized to track users. Keep in mind that these small icons exist in a lot of modern-day web browsers.
Web browser favicons are utilized to track
A group of security scientists from the University of Illinois has actually discovered a new method that enables them to track users while browsing. For this, they use favicons, the little icons that are in many web browsers and that correspond to the logo design of a web page.
Favicons work for users when searching the Internet If we have lots of tabs open, what we will see in the internet browser is the little icon that represents a site. Today most have one. We can recognize them properly.
Now, according to this group of security researchers, these favicons can also be used to track users. This can occur beyond the present session, even clearing all cookies and information from the searching cache.
These small icons can be seen in the address bar, in each of the tabs that we have open. They will also appear in bookmarks, when you conserve a website for later viewing. It is a form of recognition, to assist in the visualization and much better find the pages.
They are cached by the browser, however stored individually of other cached items, such as HTML files or site images. This means that when users clear the cache, they can delete these saved files but the favicons are still there. They continue throughout the different searching sessions, eliminating data and can be accessible even when getting in private mode.
A single favicon is inadequate
A single favicon is inadequate to determine users based upon it, however the scientists discovered a method to cache several favicons of these little icons. The website carries out a series of redirects through different subdomains to cache a number of different favicons. Each conserved favicon develops its own cache entry, and all together can be utilized to recognize users as long as enough favicons are saved.
These redirects happen without the user needing to interact. The scientists tested this attack against the Chromium-based web browsers Google Chrome, Brave, Safari, and Microsoft Edge, and discovered that all of them were vulnerable to the attack.
They likewise performed the attack in Firefox, however found a bug that avoided the web browser from reading the cached favicon entries. As soon as repaired, Firefox is likely susceptible to attack.
They specified that it is possible to prevent this issue, but it depends on the web browsers themselves to address them. At the moment, although it is a method that has not been proven to be utilized, they could track users through the favicons. We leave you an article with tips to improve personal privacy on the network.