One of the most common Internet threats is web tracking, which enables an entity to gain unauthorised access to a user’s personal data while the user is browsing the web, thus violating privacy. At Bournemouth University we have been researching whether popular browsers protect their users from trackers that use Web Storage, Web SQL, and Indexed Database.
Introducing his research to the Cafe Scientifique audience earlier this month, Dr Alexios Mylonas from the Department of Computing & Informatics highlighted the different tracking technologies currently being used on the World Wide Web that can compromise our privacy.
“We live in a ‘post Snowden ‘ era” he said, and ” there are many ways that malicious entities on the Web, such as trackers can violate our privacy”.
HTML 5.0 provides trackers with new options
Alexios described his own findings regarding the usage of three technologies from the HTML 5.0 standard (Web Storage, Web SQL, and Indexed Database) on the Internet. He went on to explain the experiments that were conducted against some of the websites we use every day proved that the main use of these technologies is tracking.
“This is different to what the industry and academia believed before we started our analysis. We did not believe that this was the case when we started this research and this is why we conducted the experiments in the first place”.
In many ways web browsers cannot protect our privacy
The focus towards the end of the discussion was the ability of current popular web browsers to delete the data that is being left on browsers by trackers. The results uncovered many occasions where popular browsers such as Firefox and Opera in Android do not allow us to delete the tracking data resulting in our privacy being violated.
Dr Mylonas explained that “if the browser fails to delete tracking data stored by any of the aforementioned technologies then a malicious tracker could ‘resurrect tracking data’ that the user has previously deleted in a similar way as with cookie resurrection”.
After discussing the research, the demonstrations showed the inability of Firefox and Opera in Android to protect the privacy of their users.
The following tool has been developed for you to check your browser; https://bit.ly/2J1Di65
The recently published journal paper in IEEE Access provides more information into the research; Belloro, S., & Mylonas, A. (2018). I know what you did last summer: New persistent tracking mechanisms in the wild. IEEE Access, 6, 52779-52792
If you have any questions, please do get in touch with the Public Engagement Team; firstname.lastname@example.org, you can also follow us on Facebook and Twitter. Plus, why not send us a request to be added to our Public Engagement mailing list and be the first to hear about our research events and activities.