As Apple gets ready to launch its anti-tracking update for iOS, Facebook and other companies that have built their business on violating users’ privacy are angry about the future. However, there is always a new vulnerability waiting to be discovered. For example, researchers now claim that a website’s favicon can be used to spy on users in a way that is hard to shake.
Favicons are the small icons displayed in the corner of the browser tab when you have a website open. On Gizmodo, you should see a “G” logo in the tab above. German software designer Jonas Strehle published a proof of concept on GitHub which, he says, shows that the favicon cache is readable in the browser’s incognito mode and that installing a VPN or ad blocker, clearing the cache, closing the browser or rebooting the system does not get rid of it.
As Motherboard reported, Strehle started building the project after reading a research paper from the University of Illinois at Chicago that explained the technique. The basic gist of the method starts with the fact that the favicon is cached in your browser when you first visit a website. When you return to the site, the browser checks whether the favicon is stored on your machine in its own dedicated store, called the F-Cache. If the data is out of date or incomplete, the browser requests it from the website’s servers. Strehle explained what happens next in an article on the website:
A web server can draw conclusions as to whether a browser is currently loading a favicon:
So when the browser requests a web page, if the favicon is not in the local F-cache, another request for the favicon is made. If the icon already exists in F-Cache, no further requests are sent.
By combining the status of delivered and undelivered favicons for specific URL paths for a browser, a unique model (identification number) can be assigned to the customer.
When the website is reloaded, the web server can recreate the identification number with network requests sent by the client for missing favicons, thereby identifying the browser.
Long story short, the favicon is a harmless little guy that can become what Strehle calls a “super cookie” and make it very difficult for a user to avoid being tracked by a site.
Researchers at the University of Illinois at Chicago found that the tracking method works on all major browsers. Because of the seriousness of the threat, they suggest changes to browsers’ favicon caching behavior that could block this form of tracking, and they have reported their findings to browser vendors, who are currently investigating appropriate mitigation strategies.
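The write-and-read cycle Strehle describes, and the effect of a favicon caching change of the kind the researchers call for, can be followed in a small in-memory JavaScript simulation. This is an added example, not Strehle's proof of concept or the paper's code; the 8-bit ID, the /b0 to /b7 paths, the rule that no icon is served during the read phase and the clearFCacheWithSiteData switch are assumptions of the model.

```javascript
// Simulation only: browser F-Cache and server logic are modelled in memory.
// N_BITS, the /b<i> paths and the Browser class are assumptions of this example.
const N_BITS = 8;
const PATHS = Array.from({ length: N_BITS }, (_, i) => `/b${i}`);

class Browser {
  constructor({ clearFCacheWithSiteData = false } = {}) {
    this.fCache = new Set();    // paths whose favicon is stored in the F-Cache
    this.httpCache = new Set(); // stands in for the ordinary page cache
    this.clearFCacheWithSiteData = clearFCacheWithSiteData; // assumed mitigation
  }
  // Visit a path. Returns the favicon request the server sees,
  // or null when the icon is already in the F-Cache and no request is sent.
  visit(path, serverDeliversIcon) {
    this.httpCache.add(path);
    if (this.fCache.has(path)) return null;
    if (serverDeliversIcon) this.fCache.add(path);
    return path;
  }
  clearSiteData() {
    this.httpCache.clear();
    if (this.clearFCacheWithSiteData) this.fCache.clear();
  }
}

// Write phase: an icon is delivered only on paths whose bit in `id` is 1.
function writeId(browser, id) {
  PATHS.forEach((p, i) => browser.visit(p, ((id >> i) & 1) === 1));
}

// Read phase: no icon is delivered (so the F-Cache is left unchanged);
// bit i is set when no favicon request arrives for path i.
function readId(browser) {
  let id = 0;
  PATHS.forEach((p, i) => {
    if (browser.visit(p, false) === null) id |= 1 << i;
  });
  return id;
}

// One full cycle: first visit, user clears site data, return visit.
function roundTrip(options, id) {
  const b = new Browser(options);
  writeId(b, id);
  b.clearSiteData();
  return readId(b);
}
```

With the default model the ID survives the cache clear; with clearFCacheWithSiteData enabled every favicon is requested again and the server reads 0, the same value a first-time visitor produces.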