Browser fingerprinting refers to methods to profile a browser based on information transferred automatically when connections are made to websites or services, or generated with the help of scripts and technologies.
It is unclear how widely browser fingerprinting is being used on the Internet but it is clear that it is used by some companies to track users online. Often, it is used in conjunction with traditional tracking methods such as cookies or LSO.
I analyzed Canvas Fingerprinting yesterday, one of the many fingerprinting techniques, and Chameleon for Chrome was one of the extensions mentioned in the guide.
While it does not protect against this particular method yet -- it only highlights the use -- it is designed to highlight and protect you against fingerprinting attacks.
Note: The extension has not been updated since 2014. While it still works in Chromium-based browsers, the lack of updates means that it won't highlight or protect against new fingerprinting methods.
Chameleon is not available on the Chrome Web Store which means that installation of the extension is not as straightforward as usual. Here is what you need to do to install it in Chrome or Chromium-based browsers:
Chameleon adds an icon to Chrome's main toolbar that indicates if the extension is active, and how many tracking elements it has discovered on the active page.
As far as detection is concerned, it supports the following fingerprinting techniques:
On the protection side of things, it supports the following (meaning it will block requests or modify them):
When you click on the icon it displays the property access count and scripts used on the page in a summary at the top, and below that the list of hostnames and which properties they have accessed.
Not all requests are used to fingerprint the browser or user. Websites may for instance requests the window width and height to display contents properly in the browser window.
Tip: you may want to use a script blocker if you notice hostnames that are used a lot while you are browsing the Internet. You can use an add-on like uMatrix for that (read our review of the extension here, and the review of uBlock here which is a lightweight alternative).
You can disable the extension at any time with a click on its icon and the selection of disable in its interface. That's also the way how you enable it again.
Chameleon is an excellent extension for the Chrome web browser that is informing you if a website uses techniques that can be used to fingerprint the browser.
Besides providing you with information about these techniques, it is also protecting you against some of them automatically.Advertisement
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.