Keyboard Privacy for Chrome prevents behavioral profiling based on your typing

Martin Brinkmann
Sep 24, 2015
Updated • Sep 1, 2019
Google Chrome, Google Chrome extensions
|
9

Most Internet users know that they are tracked when they are online. Common forms include scripts that run on sites, social buttons, or analytic software.

Users interested in tracking, for instance to protect themselves better, know of other tracking methods such as fingerprinting.

While those tracking methods are still widely used, research has been underway for a long time to find other means of tracking users, and research in behavioral profiling brought forth numerous new tracking methods that no one thought of several years ago.

One method analyses a users typing patterns. Instead of just profiling what you are typing, for instance by looking at recurring errors or the use of certain words, this type of profiling analyzes how you type as well.

The method uses many different metrics for that, for instance how long it takes to press certain keys, the delay between key presses, how long it takes you to type common words, or which common errors you make repeatedly, and how long it takes you to correct them.

Protection

So how do you protect yourself from this form of behavioral targeting? You could break the pattern if you concentrate on that by typing differently for instance or mixing things up by using online keyboards or different types of keyboard that force you to use them in a different way.

The experimental Google Chrome extension Keyboard Privacy offers an automated solution. Good news is that it works right after you have installed it in the browser without you doing anything else besides that.

privacy enabled chrome

The extension adds an icon to Chrome's main toolbar that reveals preferences and an option to disable the feature on the site you are on.

It supports the two core metrics Dwell Time and Gap Time currently which, according to the extension's author Paul Moore, is sufficient to block the behavioral profiling.

Dwell time is the time each key is pressed and gap time the time between key presses.

You should not notice any issues or noticeable delays while using the software. If you do, you may adjust the time settings or disable the extension's functionality on the site you are on.

You may notice that Chrome's CPU use is going up while you are typing but it will go down once you are finished doing so.

Closing Words

Keyboard Privacy is a handy Chrome extension that improves your privacy online. While the scope of behavioral profiling is unknown right now, it is certain that it will play a bigger role in the coming years as traditional tracking methods are not nearly as effective anymore as they have been years ago.

Summary
software image
Author Rating
1star1star1star1stargray
2.5 based on 2 votes
Software Name
Keyboard Privacy
Software Category
Browser
Landing Page
Advertisement

Previous Post: «
Next Post: «

Comments

  1. White said on January 26, 2021 at 7:31 pm
    Reply

    Great article!

    I want to read more of ghacks articles of the past but I don’t want to rifle every page in this website.

    I would appreciate if your team create a solution in this website. To be honest, many of your readers would appreciate your team’s effort.

  2. alfie69 said on September 26, 2015 at 11:21 pm
    Reply

    ok so yet another invasive profiling i was unaware of till now, when will prying eyes mind their own f.. business! and even though this is a chrome extension i doubt it is only google using this new form of spying? like who do they sell this onto or when will it be hacked and used maliciously!! it never ends does it…till we all unplug!

  3. ConcretePool said on September 26, 2015 at 2:44 pm
    Reply

    Using StartPage on Google Chrome is a strange move.

  4. Anonymous said on September 26, 2015 at 8:50 am
    Reply

    > I agree to disagree with your disagreement :) beerpatzer is correct. Do not confuse end user “security” vs “privacy”. Google will happily help make the web a safer, more secure place – but their end objective is to always scrape more info about you and your habits – don’t kid yourself.

    You missed one big point. The USER chooses to use Google or Google products, all of these tracking/spying is a result of User reaction. You don’t like ads? No problem, you use an adblocker – they will implement other things. You don’t like searching on 20 pages to get an ‘good’ result, no problem Google track your ‘preferences’. In fact it’s not only Google ‘to improve’ there products but to ‘improve’ and saying always this is tracking isn’t correct, the user was it, if every user would user alternatives or blame google in there support channels to get an opt-out by default non of these all happens.

    In the past google did a lot to improve the web, some people would say they ‘want control over it’ well – you always get what you want, you don’t like it? – Disable or avoid it but don’t make the mistake to say it’s automatically spying or such. If the big ones would provide another user feedback I bet anyone would blame why you need to waste your time with fill something in such formulas. It’s how they make it – always wrong. But blaming is easy, give some ideas or results to improve it is always hard-

  5. CHEF-KOCH said on September 25, 2015 at 8:17 am
    Reply

    I disagree, Google helped a lot to secure things. They removed RC4, they introduced safe-browsing and such important things. Of course a major problem is that if you’re page getting banned from google you can’t do anything much – that’s the power of monopolist.

    1. Kasey said on September 25, 2015 at 6:26 pm
      Reply

      I agree with Chef-Koch. While they may internally use the information you provide, they really have brought security a long way.

      1. Pants said on September 25, 2015 at 7:27 pm
        Reply

        You have failed verbal reasoning 101 … beerpatzer never said anything about security – he said PRIVACY. Stop conflating the two :) However, everyone is correct – google helps security, google is not so good for privacy (let’s not split hairs here; example – yes HTTPS is great, but then you are also trading that security by giving google all your search history etc – there can be overlap between security/privacy but generally speaking they are entirely two different things).

    2. Pants said on September 25, 2015 at 6:12 pm
      Reply

      I agree to disagree with your disagreement :) beerpatzer is correct. Do not confuse end user “security” vs “privacy”. Google will happily help make the web a safer, more secure place – but their end objective is to always scrape more info about you and your habits – don’t kid yourself.

      That said, the cause of exact precise timing fingerprinting techniques and vectors are to be found OS or server side, not in clients – clients merely report the system time (whether that’s chrome of FF or opera or safari etc) – hence big changes in TOR for randomizing “microseconds” in everything time/timing related. I’m not an expert, but I believe simply comparing your time vs the server gives a pretty good fingerprint (we’re talking 10’s of decimal places of a second) – so unless you can block or manipulate all outgoing time vectors …, all it takes is one simple JS query about your system time and voila, you’re nailed … *sigh*

  6. beerpatzer said on September 25, 2015 at 2:25 am
    Reply

    Trusting Google to protect your privacy is like trusting a fox to guard the henhouse.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.