Closed Bug 1658837 Opened 5 years ago Closed 1 year ago

Potential use of Notification API for fingerprinting

Categories

(Core :: Privacy: Anti-Tracking, defect, P3)

Product:
Core
Component:
Privacy: Anti-Tracking
Type:
defect

Tracking

()

Status:
RESOLVED MOVED

People

(Reporter: umar-iqbal, Unassigned)

References

Details

Bug details

Notification permissions API provides a way to determine whether notification permission is granted or denied on a specific website. We discovered several cases in which the Notification API was used in fingerprinting scripts. Specifically, we found cases where the notification permissions were probed. The differences in permissions across websites can be used as part of a fingerprint.

Some of the scripts and websites accessing Notification API

Script URL

https://cdn.perfdrive.com/aperture/aperture.js , https://cdn.perfdrive.com/aperture/spectrum.js

Websites with script

https://inc42.com/ , https://www.1881.no/ , https://www.meilleursagents.com/ , https://www.vouchercodes.co.uk/ , https://www.songfacts.com/ , https://fribbla.de/insiders/ , https://lensa.com/ , https://www.tomshardware.co.uk/ , https://www.newsarama.com/ , https://next.reality.news/

Common APIs with fingerprintjs2

toDataURL , fillRect , fillStyle , mimeTypes , display , availHeight , platform , getContext , localStorage , doNotTrack , webdriver , plugins , indexedDB , ActiveXObject , maxTouchPoints , ontouchstart , fillText , textBaseline , sessionStorage , colorDepth , userAgent , navigator , language , hardwareConcurrency , canvas , productSub , availWidth , screen

Script URL

https://assets.pixlee.com/assets/pixlee_events.js

Websites with script

https://www.dockers.com/US/en_US/ , http://www.bestmadeco.com/ , https://www.yakima.com/ , https://www.mpix.com/ , https://www.kennethcole.com/

Common APIs with fingerprintjs2

fillRect , display , context , bindBuffer , createBuffer , localStorage , OfflineAudioContext , compileShader , plugins , getShaderPrecisionFormat , maxTouchPoints , multiply , sessionStorage , systemLanguage , deviceId , colorDepth , linkProgram , filter , userAgent , currentTime , mediaDevices , suffixes , rangeMin , beginPath , deviceMemory , oscpu , font , screen , browserLanguage , createProgram , destination , fillStyle , MAX_TEXTURE_MAX_ANISOTROPY_EXT , enumerateDevices , platform , getContext , groupId , oncomplete , getExtension , doNotTrack , useProgram , createShader , fonts , TouchEvent , webdriver , startRendering , ontouchstart , getSupportedExtensions , globalCompositeOperation , isPointInPath , createDynamicsCompressor , attachShader , navigator , uniform2f , language , hardwareConcurrency , offsetHeight , getUniformLocation , ARRAY_BUFFER , drawArrays , vertexAttribPointer , disconnect , WebGLRenderingContext , toSource , createOscillator , precision , EXT_texture_filter_anisotropic , indexedDB , setValueAtTime , renderedBuffer , bufferData , getData , getContextAttributes , reduction , appName , clearColor , getChannelData , canvas , languages , productSub , shaderSource , userLanguage , WEBGL_debug_renderer_info , toDataURL , enableVertexAttribArray , availHeight , rangeMax , frequency , webgl , description , devicePixelRatio , ActiveXObject , enable , fillText , textBaseline , Float32Array , closePath , connect , Netscape , getAttribLocation , getParameter , availWidth

Depends on: 1662349
Blocks: 1662349
No longer depends on: 1662349
Severity: -- → S3
Priority: -- → P3

While accurate, this is not a very actionable bug. We are investigating fingerprinting surfaces and developing a plan for them, so I am closing this in favor of that effort.

Status: UNCONFIRMED → RESOLVED
Closed: 1 year ago
Resolution: --- → MOVED
You need to log in before you can comment on or make changes to this bug.