Canvas Fingerprinting is a new way of tracking Internet users that came to some prominence recently. I explained the concept some time ago and suggest you check out the article for detailed information on what it is, what it does and how to prevent it.
Simply put, it makes use of the Canvas element that is part of HTML5 to create profiles and track users. The element can draw on the screen and the fingerprinting makes use of the fact that results are different depending on a number of factors including the browser and operating system that is being used.
It means in essence that Canvas can be used to identify users based on those drawings, even if they are not visible or distinguishable to the human eye. It is especially powerful when combined with other information about a device, the user agent information for example or the IP address.
There is also a Chrome extension, and the new Firefox add-on CanvasBlocker. The add-on blocks the canvas element on pages that you visit and gives you control over the blocking as well.
It is set to ask for permission for visible canvas elements by default as sites may use the canvas element for other purposes besides user tracking.
You can change the block from that in the options if you prefer a different setting. This includes blocking all canvas elements on all pages, only allowing whitelisted elements, to block canvas only on blacklisted sites or to allow everything.
Both whitelist and blacklist are maintained in the preferences as well. CanvasBlocker supports regular expressions, and domains are separated with a "," in both lists. Google domains and the author's own domain are whitelisted by default with options to remove those from the whitelist in the options.
The last option available there is to allow canvas in PDFs. Firefox's native PDF reader pdf.js uses canvas to display contents which is why it is enabled by default. It is however possible to disable this there as well.
You can test the functionality of the extension on Browserleak's Canvas Fingerprinting test page. Canvas and Text Api for Canvas should return the value false in the test which means that the feature is not supported on that page.
CanvasBlocker is a useful extension for the Firefox web browser that can block the Canvas element selectively or completely in Firefox.Advertisement
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.