A researcher has built a website that utilizes installed Google Chrome extensions to generate a fingerprint of the device that can be used to track the user online.
In tracking users online, it is possible to create fingerprints, or tracking hashes, using the characteristics of a device connected to a website such as GPU performance, installed Windows applications, a device’s screen resolution, hardware configuration, and the installed fonts.
It is then possible to track a device on various sites through the same fingerprinting method.
Very recently, web developer ‘z0ccc’ shared a new fingerprinting site called ‘Extension Fingerprints’ that is able to generate a tracking hash using a browser’s installed Google Chrome extensions.
In building a Chrome browser extension, creators may be able to declare certain assets as ‘web accessible resources’ that web pages or other extensions may be able to access.
It is also possible to utilize web-accessible resources to detect installed extensions and come up with a fingerprint of a visitor’s browser based on the merger of found extensions.
To evade detection, some extensions, according to z0ccc, use a secret token that is required to access a web resource. But the researcher uncovered a ‘Resource timing comparison’ method that may still be used to monitor if the extension is installed.
“Resources of protected extensions will take longer to fetch than resources of extensions that are not installed. By comparing the timing differences you can accurately determine if the protected extensions are installed,” said z0ccc on the project’s GitHub page.
The extensions that the website is able to identify are uBlock, LastPass, Adobe Acrobat, Honey, Grammarly, Rakuten, and ColorZilla.
The Extensions Fingerprints site only functions via Chromium browsers installing extensions from the Chrome Web Store. While this method will likewise work with Microsoft Edge, it still has to be modified to use extension IDs from Microsoft’s extension store.
Finally, this method does not work with Mozilla Firefox add-ons as Firefox extension IDs are unique in each browser instance.
While z0ccc does not have data regarding installed extensions, his own tests illustrate that uBlock is the most ubiquitous extension fingerprint.
For more information, read the original story in Bleepingcomputer.