Firfox borrows back from TOR

TOR borrowed many functions from FF, and now FF is using some TOR capabilities to block -“canvas fingerprinting” (an HTML5 devious tracking method that doesn’t need cookies).   One of the problems of setting high privacy configurations, is that many sites tell you “you may not see our content unless you allow us to track you”, as in my earlier  post telling the LATimes “thanks but no thanks”.  Other organizations put up a “paywall” (pay to read), so you sign in with your account information and thus identify yourself, and what pages you click through or ignore:  a double whammy now that you’re paying to give information to the website.  Wait, what?  Yep, you got it.

————–from the article————

Firefox Borrows Feature from Tor to Protect User Privacy

All major web browsers include features that let you block common tracking methods, but tracking users is big business. It’s understandable advertisers have come up with some clever ways to quietly follow you around the web without cookies or ad tokens. One of the most devious techniques is known as canvas fingerprinting, but it won’t be a problem for Firefox users anymore. Firefox is rolling out an update that borrows from the Tor browser in order to prevent users from being tracked across websites via canvas fingerprints.

Most ad networks employ tracking cookies of some sort to follow a specific user around the web. That data helps target ads and generally earns everyone more money. Well, everyone but the user. Canvas fingerprinting can also be used to track you, but it’s not based on cookies. Thus, turning on the “do not track” flag won’t do anything to stop it.

Canvas fingerprinting is supported by all major browsers as it’s a twist on the HTML5 standard. Websites that use this method instruct a browser to draw a hidden line of text or a 3D graphic using the HTML5 canvas element. The output of this action varies based on system features like GPU, installed fonts, and drivers.

The website collects these tiny variations and creates a hash to serve as a unique identifier. Your browser doesn’t need to store anything for this to work. Canvas IDs are shared with affiliated websites so they can match them to browsers that land on their sites. Just like a tracking cookie, this fingerprint helps advertisers target ads based on your browsing history.

The Tor Browser, which is based on Firefox, is designed to preserve user privacy. Naturally, it blocks the use of canvas fingerprinting. The browser simply returns a blank image until the user has granted the canvas access permission. Now, that restriction is feeding back into Firefox to protect users of that browser from surreptitious snooping by advertisers. This is part of the Tor Uplift Project to bring features from Tor into Firefox, whereas it has previously always been the other way around.

Firefox is the first major browser to give users a choice in canvas fingerprinting. You’ll still be able to share data with a website if you want, but it’s an opt-in situation instead of something that happens silently in the background. The Mozilla Foundation is a nonprofit that doesn’t rely on ads to make money, so it’s no surprise it would take the lead here. Mozilla was also one of the early proponents of “do not track” features.

Now read: 20 Best Privacy Tips

%d bloggers like this: