No boundaries for user identities: Web trackers exploit browser login managers

Gunes Acar, Freedom to Tinker, Dec 27, 2017
Commentary by Stephen Downes

The first item in this series, describing how websites record your sessions by tracking keyboard clicks and mouse movements - was an eye-opener. This article talks about how your browser betrays you. "Third-party scripts exploit browsers’ built-in login managers (also called password managers) to retrieve and exfiltrate user identifiers without user awareness." I tested it myself on their live demo page and it certainly appears to work. There's a list of sites that use this technique for grabbing email addresses and using them for tracking. Using ad blockers can help prevent this. But the best defense is to disable browser auto-fill options and use a third party password manager like 1password instead. Via Ben Werdmuller.

Views: 0 today, 502 total (since January 1, 2017).[Direct Link]
Creative Commons License. gRSShopper

Copyright 2015 Stephen Downes ~ Contact:
This page generated by gRSShopper.
Last Updated: Jun 19, 2018 04:22 a.m.