#RSAC: Reality of Browsers Leaking Identifiable Information Detailed
In a talk at the RSA Conference in San Francisco, Lexis Nexis Risk Solutions director of product management Daniel Ayoub and VP of product management Dean Weinert talked about the reality of which metrics and identifiers browsers release on users.
In a talk titled “Creepy Leaky Browsers,” Ayoub said that the classic cartoon “on the internet no one knows you’re a dog” was becoming less apparent, as there is so much more info available via a browser. The concept of a browser fingerprint involves a combination of persistent and non-persistent identifiers gathered passively through application programming interfaces (APIs) built into modern web browsers.
Ayoub said these browser fingerprints are typically used for:
Improving the user experience
Return device recognition
Fraud prevention
Weinert said that this all “began with cookies” but browsers went steps forward when cookie use was limited, so identifiers could be determined on a user’s network information, external IP address, screen resolution, and the type of GRU. Ayoub said that many introductions were made in the late 2000s before concerns were raised regarding browser privacy in 2010 by the EFF.
“As time moved on, we saw more APIs added to browsers, and they offered details on what hardware was added, how much RAM was used, and which CPUs were now baked into the browser,” he said. This allows someone to know how a user interacts with a device, and “the key point is that real work apps that benef ..
Support the originator by clicking the read the rest link below.
