[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
An interesting (probably) fingerprinting technique that should fail with
|
From: |
Libor Polčák |
|
Subject: |
An interesting (probably) fingerprinting technique that should fail with NBS |
|
Date: |
Thu, 3 Jun 2021 10:07:58 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0 SeaMonkey/2.53.7.1 |
Hello all,
I learnt about
https://web.archive.org/web/20200526092506/https://blog.nem.ec/2020/05/24/ebay-port-scanning/.
Long story short: "It’s not just Ebay scanning your ports, there is allegedly a
network of 30,000 websites out there all working for the common aim of harvesting open
ports, collecting IP addresses, and User Agents in an attempt to track users all across
the web. And this isn’t some rogue team within Ebay setting out to skirt the law, you can
bet that LexisNexis lawyers have thoroughly covered their bases when extending this
service to their customers (at least in the U.S.)."
The scan should be mitigated by the Network Boundary Shield. But it is
something worth a try to make sure that it indeed does.
And it is also something to think about when we are going to decide what to do
with NBS and manifest v3.
The DNS cloacking based on CNAME seems to be quite common technique which beats
(some) adblockers. (uBlock origin was recently patched in Firefox to use DNS
API to detect DNS cloacking) Additional reading at
https://blog.lukaszolejnik.com/large-scale-analysis-of-dns-based-tracking-evasion-broad-data-leaks-included/
(or the linked PETS paper).
Libor
- An interesting (probably) fingerprinting technique that should fail with NBS,
Libor Polčák <=