Because of fingerprinting, Google Chrome Extensions raise privacy concerns.

(1) Users of Google Chrome should be aware of the possibility of fingerprinting by Chromium extensions.

(2) A new website called Extension Fingerprints generates fingerprint hashes based on the extensions installed on a user’s Chrome or Chromium-based browser.

(3) Fingerprinting is possible with addons like uBlock, Grammarly, and LastPass.

Chrome Extensions are quite handy. They’re compatible with other chromium-based browsers, such as Microsoft Edge. If you use any of these browsers, be aware that the majority of these extensions not only capture a lot of information about you, your device, and your browsing history, but also utilise that information to follow your online behaviour and maybe provide tailored adverts based on it. Fingerprinting is one of the techniques used in data collecting and tracking. Now, a research by web developer z0ccc (via Bleepingcomputer) has raised worries about how Google Chrome addons fingerprint you in an invasive way.

Here’s everything you need to know about Fingerprinting by Chrome extensions. 

GOOGLE CHROME EXTENSIONS FINGERPRINTING: WHAT IT MEANS?

The Chrome Extensions are said to collect information about the user’s computer, such as display resolution, installed apps and fonts, hardware settings, and even performance statistics.

These data are now retrieved to determine which of the user’s cohorts he or she belongs to. The intersection of commonalities across the different groupings aids in triangulating the particular user.

Coming back to the topic at hand, thanks to web developer z0ccc’s website titled ‘Extension Fingerprints,’ which can generate a tracking hash by simply scanning all installed browser extensions, the matter has gotten a lot of attention. It makes use of built-in browser extension features such as ‘web-accessible resources’ and ‘Resource timing comparison.’

Grammarly, uBlock, LastPass, Adobe Acrobat, ColorZilla, Honey, and Rakuten are among the 1,170 popular extensions that appear to have these capabilities.

Only extensions downloaded via the Chrome Web Store, according to the developer, are a source of worry. Even though the Extension Store in Microsoft Edge can and does host some, if not all, of these extensions. The only saving grace is that the IDs of these extension files must be modified in order for fingerprinting to operate. Mozilla Firefox users, on the other hand, need not be concerned in this circumstance because the Firefox extension IDs change with each browser instance and are not suitable for extended tracking and fingerprinting. More technical details about z0ccc’s discoveries can be found here.

Post Comment