The latest ad tracking tricks and what to do about them
On the Canvas

We'll tell you about some powerful new ad tracking techniques and how you can stop them.
Ad networks and companies are using increasingly sophisticated methods to track web surfers and spy on user behavior. However, the free web browser Firefox, in particular, makes it hard for these unabashed spies: various extensions block and remove standard cookies, web pixels, and well-hidden LSO cookies (also known as Flash cookies [1]).
A young technology known as canvas fingerprinting does not require tricks like web pixels and LSO cookies and relies instead on standard HTML5 and JavaScript to help data grabbers track user behavior. In many cases, it can even accurately identify individual users. Because canvas fingerprints do not rely on additional data such as cookies on the system, conventional prevention methods fail.
Evercookies [2] are an older, but also increasingly popular, technique for spying on unsuspecting surfers. This article takes a close look at canvas fingerprinting and Evercookies and offers some options for how to stop these powerful tracking techniques.
Fingerprints
Almost all modern web browsers have supported the standardized HTML5 page description language since 2014. With its advanced commands and features, HTML5 gives programmers the ability to generate dynamic graphics. The canvas element of the command set identifies a region in which JavaScript can draw. You can also use the canvas element to call out, position, and scale text or graphics in the PNG, GIF, or JPEG format.
To create a clearly identifiable fingerprint of each surfer, canvas technology uses the fact that images and text in the canvas elements are displayed differently depending on the operating system, the web browser, the installed fonts, the graphics hardware, and the deployed drivers. Also, browser data such as the language, time zone, color depth, browser ID, and installed plugins vary from system to system.
After a script injects a hidden canvas element into a web page, the invisible graphics it draws there are output as a data URL, and the script generates a hash value from them. When the surfer visits the same website with the same browser again, the tracker generates the same hash value again, provided the configuration is unchanged.
Thus, the script can very reliably identify the user. To track the user, ad networks place the same hidden canvas element on several websites and can then clearly identify users based on the same hash value.
The hit rate is particularly high for legacy desktop PCs with their extensive configuration options and variety of hardware components, operating systems, desktops, web browsers, and applications. The resulting large number of possible combinations translates to a similarly high rate of unique identification. Canvas fingerprinting works less successfully on mobile devices, such as smartphones or tablets, which are largely identical in terms of hardware and software, because the dynamically generated graphics only exhibit minor differences.
Redundant Cookies
Evercookies also use JavaScript to infest a computer system. In contrast to traditional cookies and Flash cookies, they use the web browser's individual storage technologies in a variety of combinations to nest multiple times in different locations. The history, browser cache, various HTML5 attributes – such as session, local, and global storage – as well as Silverlight Isolated Storage are all used to store Evercookies.
It is thus very hard to remove these pests completely from the system. If the user or a browser extension automatically deletes Evercookies in just some of these locations, they can be reconstructed from the remaining cookies. Thus, the usual browser extensions remain largely ineffective.
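The redundancy described above can be audited from the defender's side. The following is an added example, not code from the article or from the Evercookie project: it looks for the same long value stored in more than one browser store and lists where copies would remain after a partial clean-up. It assumes the identifier is stored verbatim in each location; the store names, the MIN_LEN threshold, and the sample data are constructed for illustration.

```javascript
// Added example: flag values that are stored redundantly across browser stores.
const MIN_LEN = 8; // assumed threshold: shorter values are unlikely to be identifiers

// `stores` maps a store name to its key/value pairs.
function findRedundantValues(stores, minLen = MIN_LEN) {
  const seen = new Map(); // value -> [{ store, key }]
  for (const [store, entries] of Object.entries(stores)) {
    for (const [key, raw] of Object.entries(entries)) {
      const value = String(raw).trim();
      if (value.length < minLen) continue;
      if (!seen.has(value)) seen.set(value, []);
      seen.get(value).push({ store, key });
    }
  }
  const findings = [];
  for (const [value, places] of seen) {
    const distinct = [...new Set(places.map(p => p.store))].sort();
    if (distinct.length >= 2) findings.push({ value, stores: distinct, places });
  }
  return findings;
}

// Stores that still hold a copy after the stores named in `cleared` are wiped.
function remainingAfterClear(finding, cleared) {
  return finding.stores.filter(s => !cleared.includes(s));
}

// Browser-only helper: snapshot the stores a page script can read directly.
function snapshotBrowser() {
  const dump = st => Object.fromEntries(
    Array.from({ length: st.length }, (_, i) => [st.key(i), st.getItem(st.key(i))]));
  const cookies = Object.fromEntries(document.cookie.split("; ").filter(Boolean)
    .map(c => [c.slice(0, c.indexOf("=")), c.slice(c.indexOf("=") + 1)]));
  return { cookies, localStorage: dump(localStorage), sessionStorage: dump(sessionStorage) };
}

// Constructed sample snapshot (not real tracking data).
const SAMPLE = {
  cookies: { uid: "a91f3c77d2e04b15", theme: "dark" },
  localStorage: { _ec: "a91f3c77d2e04b15", lang: "en-US" },
  sessionStorage: { trk: "a91f3c77d2e04b15" },
};
```

Deleting only the cookie in the sample leaves the copies in localStorage and sessionStorage, which is the situation in which the value can be restored.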
Detection Mechanisms
In their default configuration, none of the popular web browsers can detect, remove, or block canvas fingerprints or Evercookies. Only the Tor Browser [3] emits a warning message if you open a web page that contains a canvas script, and it asks whether the browser should run or block the script. Additionally, canvas scripts presented to the Tor Browser are not allowed to extract the image data by default.
For Firefox, only the CanvasBlocker [4] add-on offers the ability to detect canvas call stacks (Figure 1). For Chrome/Chromium, there is CanvasFingerprintBlock [5], an add-on with a similar function. Like the Tor Browser, CanvasBlocker can block all or selected canvas elements in combination with Firefox. If the pop-up messages about discovered fingerprints at the top of the browser window disturb you, simply switch them off.
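The blocking approach described above, sketched as an added example (this is not CanvasBlocker or Tor Browser source code): the canvas readout methods toDataURL and getImageData are wrapped so that every call is logged with its call stack and, unless a decision callback allows it, answered with blank data. The names guardCanvasReadout, installInBrowser, and StubCanvas are hypothetical, and the stub stands in for a real canvas so the guard can be exercised outside a browser.

```javascript
// Added example: guard canvas pixel readout and record who asked for it.
// Blank substitutes handed back to the script when a readout is blocked.
const BLANK = {
  toDataURL: () => "data:,", // the value a zero-size canvas produces
  getImageData: (sx, sy, sw, sh) => {
    const width = Math.abs(sw), height = Math.abs(sh);
    return { width, height, data: new Uint8ClampedArray(width * height * 4) };
  },
};

// Wrap the readout methods found on `proto`. `decide(info)` returns true to
// let the call through; every attempt is appended to `log`.
function guardCanvasReadout(proto, decide, log = []) {
  for (const method of Object.keys(BLANK)) {
    const original = proto[method];
    if (typeof original !== "function") continue;
    proto[method] = function (...args) {
      // The stack shows which script requested the pixels (format is engine-specific).
      const info = { method, stack: String(new Error().stack) };
      info.allowed = Boolean(decide(info));
      log.push(info);
      return info.allowed ? original.apply(this, args) : BLANK[method](...args);
    };
  }
  return log;
}

// In a browser, these two prototypes carry the readout methods guarded here.
// Other readout paths (for example toBlob) would need the same treatment.
function installInBrowser(decide) {
  const log = [];
  guardCanvasReadout(HTMLCanvasElement.prototype, decide, log);
  guardCanvasReadout(CanvasRenderingContext2D.prototype, decide, log);
  return log;
}

// Constructed stand-in for a canvas, used only to exercise the guard offline.
class StubCanvas {
  toDataURL() { return "data:image/png;base64,Q09OU1RSVUNURUQ="; }
  getImageData(sx, sy, sw, sh) {
    return { width: sw, height: sh, data: new Uint8ClampedArray(sw * sh * 4).fill(255) };
  }
}

// Block everything and return what a calling script would have received.
function demo() {
  const log = guardCanvasReadout(StubCanvas.prototype, () => false);
  const canvas = new StubCanvas();
  return { url: canvas.toDataURL(), pixels: canvas.getImageData(0, 0, 2, 2), log };
}
```

A guard of this kind only helps if it is installed before any page script runs, because a script that has already saved a reference to the original method bypasses the wrapper.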