@inproceedings{599dd60aa5db43e08f6b27125f9a3a99,
title = "The web never forgets: Persistent tracking mechanisms in the wild",
abstract = "We present the first large-scale studies of three advanced web tracking mechanisms-canvas fingerprinting, evercookies and use of {"}cookie syncing{"} in conjunction with evercookies. Canvas fingerprinting, a recently developed form of browser fingerprinting, has not previously been reported in the wild; our results show that over 5% of the top 100,000 websites employ it. We then present the first automated study of evercookies and respawning and the discovery of a new evercookie vector, IndexedDB. Turning to cookie syncing, we present novel techniques for detection and analysing ID flows and we quantify the amplification of privacy-intrusive tracking practices due to cookie syncing. Our evaluation of the defensive techniques used by privacy-aware users finds that there exist subtle pitfalls-such as failing to clear state on multiple browsers at once-in which a single lapse in judgement can shatter privacy defenses. This suggests that even sophisticated users face great difficulties in evading tracking techniques.",
keywords = "Browser fingerprinting, Canvas fingerprinting, Cookie syncing, Evercookie, Flash, Java-Script, Privacy, Tracking, Web security",
author = "Gunes Acar and Christian Eubank and Steven Englehardt and Marc Juarez and Arvind Narayanan and Claudia Diaz",
year = "2014",
month = nov,
day = "3",
doi = "10.1145/2660267.2660347",
language = "English (US)",
isbn = "9781450329576",
series = "Proceedings of the ACM Conference on Computer and Communications Security",
publisher = "Association for Computing Machinery",
pages = "674--689",
booktitle = "Proceedings of the ACM Conference on Computer and Communications Security",
note = "21st ACM Conference on Computer and Communications Security, CCS 2014 ; Conference date: 03-11-2014 Through 07-11-2014",
}