Re: [tor-talk] Audio fingerprinting
Isnt it block java? As simple as that "mrnob...@mail-on.us"skrev: (26 maj 2016 08:23:34 CEST) >http://techcrunch.com/2016/05/19/audio-fingerprinting-being-used-to-track-web-users-study-finds/ > >A wide-scale study of online trackers carried out by researchers at >Princeton University has identified a new technique being used to try >to >strip web users of their privacy, as well as quantifying the ongoing >usage of some better-known tracking techniques. > >The new technique unearthed by the study is based on fingerprinting a >machine’s audio stack via the AudioContext API. So it’s not collecting >sound played or recorded on a machine but rather harvesting the audio >signature of the individual machine and using that as an identifier to >track a web user. > >I understand that these methods are not possible without javascript, >are >they? >The example provided in the webpage: >https://audiofingerprint.openwpm.com/ >uses fingerprintjs2 library. > >Any thoughts? > > > > >-- >tor-talk mailing list - tor-talk@lists.torproject.org >To unsubscribe or change other settings go to >https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- Sincerly Flipchan -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Audio fingerprinting
> So it’s not collecting sound played or recorded on a machine but rather > harvesting the audio signature of the individual machine and using that as an > identifier to track a web user. "Audio signature" seems a bit broad. From what I can tell it could be doing about three things:1) Fingerprint the browser by looking at the antialiasing method its audiocontext implementation uses2) If the browser is branching the antialiasing method based on the machine/processor/etc., then the miner can infer that by looking at the output.3) Measuring the time it takes the machine to generate the output. It's a javascript api, and if you have javascript turned on there are already way easier ways to get #1 and #2. Plus I doubt #3 would ever be the determining factor in positively ID'ing a machine. But it's still another bit of data. When GCC adds a line to output a caret showing the exact column where an error starts, I go, "Oh, that's very nice!" I'm sure the folks at the other end of your request do the same. -Jonathan On Friday, June 3, 2016 5:40 PM, "mrnob...@mail-on.us"wrote: Actually meant if some of you anon folks knew if it was possible to perform this deanonymisation without javascript. The "fuck javascript" part that i know :) juan: > On Thu, 26 May 2016 06:23:34 + > "mrnob...@mail-on.us" wrote: > > >> uses fingerprintjs2 library. >> >> Any thoughts? > fuck javascript? > > -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Audio fingerprinting
Actually meant if some of you anon folks knew if it was possible to perform this deanonymisation without javascript. The "fuck javascript" part that i know :) juan: > On Thu, 26 May 2016 06:23:34 + > "mrnob...@mail-on.us"wrote: > > >> uses fingerprintjs2 library. >> >> Any thoughts? > fuck javascript? > > signature.asc Description: OpenPGP digital signature -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] Audio fingerprinting
http://techcrunch.com/2016/05/19/audio-fingerprinting-being-used-to-track-web-users-study-finds/ A wide-scale study of online trackers carried out by researchers at Princeton University has identified a new technique being used to try to strip web users of their privacy, as well as quantifying the ongoing usage of some better-known tracking techniques. The new technique unearthed by the study is based on fingerprinting a machine’s audio stack via the AudioContext API. So it’s not collecting sound played or recorded on a machine but rather harvesting the audio signature of the individual machine and using that as an identifier to track a web user. I understand that these methods are not possible without javascript, are they? The example provided in the webpage: https://audiofingerprint.openwpm.com/ uses fingerprintjs2 library. Any thoughts? signature.asc Description: OpenPGP digital signature -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk