New browser-tracking hack works even when you flush caches or go incognito

New browser-tracking hack works even when you flush caches or go incognito

Researchers from the University of Illinois, Chicago said in a new paper that most browsers cache the images in a location that’s separate from the ones used to store site data, browsing history, and cookies.

How anti-fingerprinting extensions tend to make fingerprinting easier

How anti-fingerprinting extensions tend to make fingerprinting easier

Fingerprinting can now use two data points instead of one: not merely the real display resolution but also the fake one.As anti-fingerprinting functionality in browser extensions is rather invasive, it is prone to breaking websites.

Introducing Cover Your Tracks!

Introducing Cover Your Tracks!

Panopticlick was about letting users know that browser fingerprinting was possible; Cover Your Tracks is about giving users the tools to fight back against the trackers, and improve the web ecosystem to provide privacy for everyone.

Microsoft Warns: A Strong Password Doesn’t Work, Neither Does Typical Multi-Factor Authentication

Microsoft Warns: A Strong Password Doesn’t Work, Neither Does Typical Multi-Factor Authentication

picture alliance via Getty Images The Director of Identity Security at Microsoft has been warning about the inefficacy of passwords and more recently about standard Multi-Factor Authentication or MFA.He should know: the team he works with at Microsoft defends against hundreds of millions of password-based attacks every day.

Should You Use Biometric Locks on Your Devices?

Should You Use Biometric Locks on Your Devices?

As such, many cybersecurity experts actually recommend biometric locks like fingerprint, face scan, or retina scan instead.No matter what protection you go with for your devices – be it password, PIN, or biometric lock – make sure that you’ve done your research.

Why You Need Multi-Factor Authentication (MFA)

Why You Need Multi-Factor Authentication (MFA)

This is a piece of information or a device that is given to you to confirm your identity at the time of accessing your account like a one-time password or a push notification from an app.

Biometric Technology: A Brief History

Biometric Technology: A Brief History

Two technologies collided at the right time to facilitate the adoption of biometric authentication: The science behind scanning sensors improved to almost perfectThe use of smartphones went through the roof.

AmIUnique

AmIUnique

This website aims at studying the diversity of browser fingerprints and providing developers with data to help them design good defenses.Contribute to the efforts by viewing your own browser fingerprint or consult the current statistics of data provided by users around the world!.

This Ring Uses a Fake Fingerprint to Protect Your Biometric Data

This Ring Uses a Fake Fingerprint to Protect Your Biometric Data

Consumers increasingly rely on fingerprint and facial scans to unlock their electronic devices, but what happens if their biometric data ends up in the wrong hands?According to Kaspersky, a more ideal solution is to build protections inside electronic devices to prevent fingerprint or facial data from ever leaking.

The rise of facial data collection and mobile finger print scanning in the UK

The rise of facial data collection and mobile finger print scanning in the UK

In England and Wales, more than half of police forces have deployed mobile fingerprint scanners – devices that carry out on-the-spot ID checks against immigration databases, turning officers into border guards.

The NYPD Kept an Illegal Database of Juvenile Fingerprints for Years

The NYPD Kept an Illegal Database of Juvenile Fingerprints for Years

For years, the New York Police Department illegally maintained a database containing the fingerprints of thousands of children charged as juvenile delinquents — in direct violation of state law mandating that police destroy these records after turning them over to the state’s Division of Criminal Justice Services.

In Germany, controversy still surrounds video surveillance

In Germany, controversy still surrounds video surveillance

The interior minister, who is responsible for ensuring the safety of the German public, was referring to a pilot project to test facial recognition technology at Berlin's Südkreuz train station, a major hub for local and international travelers.

Samsung: Anyone's thumbprint can unlock Galaxy S10 phone

Samsung: Anyone's thumbprint can unlock Galaxy S10 phone

The issue was spotted by a British woman whose husband was able to unlock her phone with his thumbprint when it was stored in a cheap case.Previous reports suggested some screen protectors were incompatible with Samsung's reader because they left a small air gap that interfered with the scanning.

Can you give away your fingerprints in a photo?

Can you give away your fingerprints in a photo?

Going to such lengths to protect your fingerprints might seem extreme, but incentives to bypass biometric security are growing as it increasingly shows up in everything from smartphones to door locks.“As biometrics become more prevalent in the authentication process, motivated attackers will definitely find innovative ways to bypass them,” said Vivek Chudgar, senior director at Mandiant, a consulting arm of cybersecurity firm FireEye. But some experts say harvesting fingerprints from pictures requires some specific conditions.

Amazon tests Whole Foods payment system that uses hands as ID

Amazon tests Whole Foods payment system that uses hands as ID

The high-tech sensors are different from fingerprint scanners found on devices like the iPhone and don’t require users to physically touch their hands to the scanning surface.At Amazon’s budding chain of “Go” convenience stores that launched last year, customers use a phone app to check in at a turnstile.

Google proposes new privacy and anti-fingerprinting controls for the web

Google proposes new privacy and anti-fingerprinting controls for the web

Some users will argue that Google could take more drastic measures and simply use its tech prowess to stop the ad ecosystem from tracking you through cookies, fingerprinting and whatever else the adtech boffins will dream up next.

A major security breach raises a key question: what happens when your biometric data is exfiltrated from a system?

A major security breach raises a key question: what happens when your biometric data is exfiltrated from a system?

As the researchers note, anyone who had found this database could use those admin passwords to take over a high-level BioStar 2 account with all user permissions and full clearances, and make changes to the security settings in an entire network.

Building a more private web

Building a more private web

So today, we are announcing a new initiative to develop a set of open standards to fundamentally enhance privacy on the web.Starting with today’s announcements, we will work with the web community to develop new standards that advance privacy, while continuing to support free access to content.

Major breach found in biometrics system used by banks, UK police and defence firms

Major breach found in biometrics system used by banks, UK police and defence firms

The fingerprints of over 1 million people, as well as facial recognition information, unencrypted usernames and passwords, and personal information of employees, was discovered on a publicly accessible database for a company used by the likes of the UK Metropolitan police, defence contractors and banks.

Digital Fingerprints

Digital Fingerprints

Once you’re on one website that has your name, say on Google or Facebook or Amazon, they can tie that to this fingerprint. Then, anywhere else you go online, anyone that has purchased your fingerprint with your name, only needs to see your browser fingerprint, to know that is indeed you.

JavaScript tells all, which turns out not to be so great for privacy: Side-channel leaks can be exploited to follow you around the interweb

JavaScript tells all, which turns out not to be so great for privacy: Side-channel leaks can be exploited to follow you around the interweb

Boffins from Graz University of Technology in Austria have devised an automated system for browser profiling using two new side channel attacks that can help expose information about software and hardware to fingerprint browsers and improve the effectiveness of exploits.

All iPhones And Some Android Phones Are Vulnerable To A New Device Fingerprinting Attack

All iPhones And Some Android Phones Are Vulnerable To A New Device Fingerprinting Attack

The researchers developed a method for creating a much more robust device fingerprint that uses data gathered from the sensors in a smart phone. As with iPhones, there’s good news and bad about SensorID and Android phones.

An Australian worker won a landmark privacy case against his employer after he was fired for refusing to use a fingerprint scanner

An Australian worker won a landmark privacy case against his employer after he was fired for refusing to use a fingerprint scanner

According to case documents, Lee asserted that he had ownership over the biometric data contained within his fingerprint, and that Superior Wood could not require that information from him under the country's Privacy Act. Lee filed a suit with Australia's Fair Work Commission in March 2018, claiming he was unfairly dismissed from the company.

Jeremy was fired for refusing fingerprinting at work. His case led to an 'extraordinary' unfair dismissal ruling

Jeremy was fired for refusing fingerprinting at work. His case led to an 'extraordinary' unfair dismissal ruling

When Queensland sawmill worker Jeremy Lee refused to give his fingerprints to his employer as part of a new work sign-in, he wasn't just thinking about his privacy.

VPNs can’t protect privacy. Use Tor Browser instead, even for everyday browsing.

VPNs can’t protect privacy. Use Tor Browser instead, even for everyday browsing.

Because relatively few people change their VPN server location during 1 session, trackers can be pretty sure that two users with exactly same browser fingerprint and TCP/IP fingerprint but different IP address, one.

Biometrics are not Protected in the United States – Court Case Reaffirms

Biometrics are not Protected in the United States – Court Case Reaffirms

Using password unlocks are the only real way to protect your device, as pin and gesture based entry methods can be easily brute forced and biometrics lack sound legal protection. Derek is a cryptographer, security expert and privacy activist.

Firefox's New Anti-Tracking Feature Blocks Cryptomining and Fingerprinting Sites: How to Enable

Firefox's New Anti-Tracking Feature Blocks Cryptomining and Fingerprinting Sites: How to Enable

Given the rise in harmful practices like cryptocurrency mining and fingerprinting, Mozilla has now introduced a new anti-tracking feature for its Firefox browser. Once you are on the latest Nightly Beta 68 or Beta 67 version of Firefox , the anti-tracking feature will have to be enabled manually.

Protections Against Fingerprinting and Cryptocurrency Mining Available in Firefox Nightly and Beta

Protections Against Fingerprinting and Cryptocurrency Mining Available in Firefox Nightly and Beta

We have added a feature to block fingerprinting and cryptomining in Firefox Nightly as an option for users to turn on. In Firefox Nightly 68 and Beta 67, these new protections against fingerprinting and cryptomining are currently disabled by default.

Fingerprinting TLS clients with JA3

Fingerprinting TLS clients with JA3

This article is a short guide to using JA3 for fingerprinting TLS clients, with possible use cases and a simple demo. At the implementation level this can translate to: advertising dummy future ciphers each time in order to create unique fingerprints.

Now sites can fingerprint you online even when you use multiple browsers

Now sites can fingerprint you online even when you use multiple browsers

"From the negative perspective, people can use our cross-browser tracking to violate users' privacy by providing customized ads," Yinzhi Cao, the lead researcher who is an assistant professor in the Computer Science and Engineering Department at Lehigh University, told Ars.