The vulnerability affects top browsers including Chrome, Firefox, Safari, and even Tor.
It is not unusual for a user to switch between using different browsers for different browsing activities and those who have made this into a routine may even be at risk because a security researcher and developer at FingerprintJS, Konstatin Darutkin, recently discovered a vulnerability that allows websites to track users across different browsers.
SEE: Brave browser Tor feature leaked .Onion queries to ISPs
This not only poses a threat to cross-browser anonymity but also allows websites to identify users reliably across different desktop browsers and link their identities together.
This flaw is referred to as “scheme flooding” and affects various browsers including:
Apple’s Safari
Google Chrome
Microsoft Edge
Mozilla Firefox
Tor browser
The vulnerability allows an attacker to determine which applications someone has installed by generating a 32-bit cross-browser device identifier that a website can use to test a list of 32 popular applications.
This tracking across different browsers is done by querying the installed applications on the device because certain applications, when installed, will create custom URL schemes that the browser can use to launch a URL in a specific application.
If that specific application is launched, it means that that application is installed and then a profile of the applications installed on a device can be built, compromising cross-browser anonymity. By checking for different URL handlers, a script can use the detected applications to build a unique profile for your device.
The source code of the
Support the originator by clicking the read the rest link below.
