Loading…
Thank you for joining us at our 20th Anniversary Event! All sessions were recorded and will be posted in the coming weeks on the OWASP YouTube channel.

We have been working hard to secure the world through challenges and discovery. And now, it’s time to celebrate! Many of you have played a crucial role in the Foundation’s enduring history, and we encourage you to participate in the celebration coming this September! Our theme, Securing the Next 20 Years, is encouraging and exciting as we look ahead to the next 20 years!

Join us for FREE at this live 24-hour global event as we honor the past, celebrate the present, and embrace the future of OWASP and cybersecurity. Hear from world-renowned keynotes and special speakers, and network with your peers. It is FREE to attend, however, registration IS required, to gain access to the session links.

Back To Schedule
Friday, September 24 • 1:00pm - 1:30pm
Everything You Always Wanted to Know About Fingerprinting Browser Extensions, But Were Afraid to Ask

Log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Feedback form is now closed.
Abstract:
​More and more users are finding out about browser fingerprinting and how trackers can use it to supplement or altogether replace cookie-based tracking. In this talk, we will explore the landscape of a specific kind of browser fingerprinting, namely browser-extension fingerprinting. Since users explicitly choose which extensions to install, the discovery of a user's extensions can reveal sensitive socioeconomic properties about that user, such as, their level of income, their political leanings, their technical expertise, and even their religion. Moreover, since different users install different sets of browser extensions, the set of extension of a given user can be straightforwardly turned into that user's fingerprint. We will go over the different techniques that are available for fingerprinting browser extensions (including web-accessible resources, DOM modifications, stylesheet hijacking) and what modern browsers are doing in order to protect their users against fingerprinting.​​​
Speakers
avatar for Nick Nikiforakis

Nick Nikiforakis

Associate Professor, Stony Brook University
Dr. Nick Nikiforakis (PhD'13) is an Associate Professor in the Department of Computer Science at Stony Brook University. He leads the PragSec Lab, where his students conduct research in cyber security, with a focus on web security, web privacy, DNS security, attack-surface reduction... Read More →

Friday September 24, 2021 1:00pm - 1:30pm EDT
On-Line
  OWASP Standard Classification

Attendees (210)