Long-known Favicon images, which were already identified in the noughties as clearly undesirable by many antivirus programs, have turned on a second wind in the marathon of tracking actions in various browsers.


The paradox is that, despite the rather advanced, from the point of view of the user, the methods that they use to hide any data about themselves in the process of Internet surfing, such as connecting via VPN and using various types of “incognito” mode, are powerless before the new identification system.


The point is to define a specific instance of a particular browser. This is due to the unique values that are formed in the operating system when the browser itself is functioning, and it does not matter which one.

Favicon, if we consider it simplistically, in the form of a certain technology – just a picture presented in a data stream in a certain format with its own storage and access space.


And then the magic begins: since these images are stored in a separate space (cache), which simultaneously performs the role of Supercookie (request markers), this creates a well-defined and workable vulnerability.


And this separate cache is not cleared by standard methods, and if you analyze the receipt of such a Favicon image (or non-receipt, which is also important for further comparison when reloading pages) from the server, it becomes possible to understand whether a particular page was opened in this particular instance of the browser – and check the “digital fingerprint” in the database of already submitted requests.


That’s all – so the user is authenticated, and the flow of targeted advertising is ready, with the accumulation of a fairly small number of fingerprints that allow you to confidently install the user…


The most popular five browsers successfully proved by testing for marking, identification and the presence, at this time, of a working vulnerability – however, in fairness, it should be noted that Firefox in desktop versions of Linux, due to the complete rejection of the use of image caching, was not available for this kind of tracking.

Leave a Reply

Your email address will not be published. Required fields are marked *

GPD Host Contacts
GPD Host Social
Pay with Confidence

Copyright © 2015 - 2020 GPD Host All right reserved.

Warning: Invalid argument supplied for foreach() in /var/www/vhosts/blog.gpdhost.com/httpdocs/wp-includes/script-loader.php on line 2652