Skip to content
July 12, 2026
  • Linkedin
  • Twitter
  • Facebook
  • Youtube

Daily CyberSecurity

Zero-hour alerts. Unmatched analysis.

Primary Menu
  • Home
  • CVE Data
    • CVE Watchtower
    • Top Exploited CVEs
    • CVE Stats by Vendor
    • Q2 2026 Report
  • Cyber Criminals
  • Data Leak
  • Linux
  • Malware
  • Vulnerability
  • Submit Press Release
  • Vulnerability Report
Light/Dark Button
  • Home
  • Technique
  • Anti-browser Fingerprint Tracking Technique
  • Technique

Anti-browser Fingerprint Tracking Technique

Do Son April 24, 2023 6 minutes read
Anti-browser Fingerprint Tracking Technique

A multi-level view of browsing platforms. Virtualization isolates the user’s system

Browser Fingerprint Tracking is a way to track users over the past five years. In order to counter the browser’s fingerprint tracking behavior, anti-browser tracking technology is evolving. The market for fingerprint-protected browsers is booming. At the end of the year, a list of ant fingerprint browsers for the 2023 market appeared.

The anti-browser fingerprint tracking technology overview

The principle of browser fingerprint recognition is based on different browsing platform used by the hardware type, operating system, browser type, browser configuration is different, to build a unique browser fingerprint. This fingerprint has three characteristics can be used to track the user: First, the fingerprint of certainty, with a very low collision rate, at least from thousands of devices to identify a device; Second, the fingerprint of accessibility, Web pages, Web servers can easily get fingerprints. With the introduction of the browser to update the more powerful API, fingerprint tracking will become easier; Third, the stability of the fingerprint, the user first visit the page.

Anti-browser fingerprint tracking as long as the above three characteristics to break the fingerprint can be:

First, the certainty of fingerprints. To make the two browse the platform to produce exactly the same fingerprint, there is no effective way to find out;

Second, the vulnerability of fingerprints. You can use the browser’s various settings or plug-ins to slow down tracking, but this approach may affect the user experience, such as the inability to use cookies and JavaScript;

Third, the stability of the fingerprint. Dr. Pierre Laperdrix, a researcher at the University of INRIA Rennes in France, proposed a solution that could create a dynamic browsing platform that would give users a different fingerprint every time they visited the web.

And through two ways to break the stability of the fingerprint:

A) Automatically combine and reconfigure multiple levels of software components with virtualization and modular architectures, randomly generate browsing environments, and generate random fingerprints for each browsing session to obscure the actual device’s fingerprints. The author developed a prototype called Blink;

B) The second is to break down the stability of very specific fingerprint technology (Canvas, Audio, JavaScript engine) by introducing enough noise in the fingerprint recognition process so that the tracker can not bind fresh fingerprints to old fingerprints Together, making it impossible to track across multiple sessions. The author developed FPRandom based on Firefox.

Blink principle

There are some differences between the two browsing platforms, and the tracker can locate the tracking user based on this difference. Therefore, the diversity of the browsing platform is the root of the browser fingerprint tracking problem, but it is also the solution to the browser fingerprint tracking Problem of the program. The difference between the many parts of the platform provides the basis for a dynamic browsing platform.

Blink uses virtualisation and modular architectures to automate and reconfigure the components of the browsing platform so that each run produces a different fingerprint, and the tracker can not easily find each other’s links. Figure 1 shows the elements that affect the browsing platform fingerprints: configuration parameters such as language, screen resolution; software components such as browsers, operating systems; hardware components such as graphics cards, microphones; cross-level dynamic attributes can only be collected at runtime , Such as canvas ,AudioContext.

Fig. 1. User platform elements involved in web browsing and exhibited in the browser fingerprint

Once the user starts browsing the web, the data is used to create the fingerprint. This is what is generally considered by the browser fingerprint. Researchers found that the most significant factors affecting fingerprints are fonts, plug-ins and user agents. Therefore, the choice to focus on reconfiguring the following factors can be achieved by changing the purpose of the fingerprint: fonts, plugins, browsers and operating systems.

Blink achieves dynamic target defense by automatically reconfiguring the various components of the browsing platform at run time. Dynamic Target Defense requires the browsing platform to use a modular architecture to automate random assembly of the various components, rather than building them in advance. Blink is a dynamic platform, characterized by:

A) The assembled platform always shows a fingerprint that is consistent with the real browser, not forged because the platform is real; 

B) automatically select the correct configuration, that is composed of compatible components and the correct operation of the platform; 

C) Each time a reconfiguration results in a fingerprint change.

Blink implementation

Blink assembles multiple components at different levels, forming a browsing platform as shown in Figure 2.

Blink uses Docker as the underlying technology because Docker can quickly assemble components at run time while isolating the host system from the platform. Blink assembled components are:

A) Operating system: Due to the official image of DockerHub, many operating systems can be out of the box.

B) Browser: download directly from the network or download from the official package repository, many of the browser used to produce a variety of fingerprints.

C) fonts and plug-ins: Pierre Laperdrix created a variety of fonts and plug-ins library, Blink can create a browse platform to select its fonts and plug-ins. The current version of Blink contains more than 2700 fonts and more than 30 plugins.

In just a few seconds, Blink can produce a new fingerprint, the user can use it like a local browser. In order to avoid the obvious distinction between the ordinary Web client fingerprints, from https://amiunique.org to collect fingerprint data, optimize the Blink configuration file, so Blink generated fingerprints closer to the normal browser generated fingerprints. The results show that Blink produces enough fingerprints to fake. Pierre Laperdrix runs Blink thousands of times, and their fingerprints are different, and commercial fingerprint solutions can not know that these fingerprints actually come from a single user.

Summary

Blink generates a random browsing environment, each session produces a different fingerprint, breaking the fingerprint stability, to slow down the fingerprint tracking. Blink also implemented other anti-tracking methods, such as:

A) In order to prevent cookie tracking, when the user completes browsing, all generated temporary data is deleted.

B) Blink is fully compatible with the Tor network in order to prevent IP tracing. By clicking on a simple button, all Internet traffic with Blink can be redirected through the Tor network.

You can get full “Mitigating browser fingerprint tracking: multi-level reconfiguration and diversification” paper here.

Share this article:

Facebook Post LinkedIn Telegram
Tags: browser Fingerprint

Search

Translation

CVE WATCHTOWER
🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

Upgrade Package

🚨 Active Exploits in the Wild

  • CVE-2026-1207CVSS 5.4
    An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Raster lookups on...
    Admin intel📅 Updated: Jul 10, 2026
  • CVE-2026-48939CVSS 10.0
    A vulnerability in the iCagenda extension for Joomla allows the upload of arbitrary files in the file attachment...
    CISA KEV📅 Added to KEV: Jul 10, 2026
  • CVE-2026-56291CVSS 10.0
    The Joomla extension Balbooa Forms is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files...
    CISA KEV📅 Added to KEV: Jul 10, 2026
  • CVE-2026-55255CVSS 8.4
    Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, an Insecure Direct...
    CISA KEV📅 Added to KEV: Jul 7, 2026
  • CVE-2026-48908
    A vulnerability in SP Page Builder for Joomla allows unauthenticated users to upload arbitrary files, ultimately resulting in...
    CISA KEV📅 Added to KEV: Jul 7, 2026
  • CVE-2026-56290
    The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable...
    CISA KEV📅 Added to KEV: Jul 7, 2026
  • CVE-2026-20896CVSS 9.8
    Gitea Docker image: `REVERSE_PROXY_TRUSTED_PROXIES = *` default lets any source IP impersonate any user via `X-WEBAUTH-USER`
    Admin intel📅 Updated: Jul 6, 2026
  • CVE-2026-48282CVSS 10.0
    ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted...
    Admin intelCISA KEV📅 Added to KEV: Jul 7, 2026📅 Updated: Jul 3, 2026
Powered by CVE Watchtower

🔴 Live Critical Threats

  • CVE-2026-56271CVSS 9.8
    Flowise before 3.1.0 (affected versions 3.0.13 and earlier) uses weak hardcoded default...
  • CVE-2026-56260CVSS 9.1
    Crawl4AI before 0.8.7 contains an arbitrary file write vulnerability in the Docker...
  • CVE-2026-61447CVSS 10.0
    PraisonAI before 1.6.78 contains a remote code execution vulnerability in CodeAgent._execute_python() that...
  • CVE-2026-61445CVSS 9.9
    PraisonAI before 4.6.78 contains arbitrary file write and command execution vulnerabilities in...
  • CVE-2026-60090CVSS 9.8
    PraisonAI before 4.6.78 fails to validate the caller-controlled dimension argument in the...
  • CVE-2026-57827CVSS 10.0
    The Joomla extension RSFiles is vulnerable to an unauthenticated arbitrary file upload...
  • CVE-2026-57828CVSS 9.0
    The Joomla extension Phoca Downloads is vulnerable to an authenticated arbitrary file...
  • CVE-2026-14480CVSS 9.9
    OpenPLC Runtime v3 contains an authenticated arbitrary file write vulnerability in the...
  • CVE-2026-20744CVSS 9.8
    The charging station websocket endpoint accepts connections without proper authentication, which could...
  • CVE-2026-57807CVSS 9.8
    Authentication Bypass Using an Alternate Path or Channel vulnerability in miniOrange Security...
Powered by CVE WATCHTOWER

Our Websites
  • Penetration Testing Tools
  • The Daily Information Technology
  • Top Exploited CVEs
  • Daily CyberSecurity

    • About SecurityOnline.info
    • Advertise with us
    • Announcement
    • Contact
    • Contributor Register
    • Login
    • Disclaimer
    • DCMA
    • Privacy Policy
    • About SecurityOnline.info
    • Advertise on SecurityOnline.info
    • Contact Us

    When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works

    • CVE Watchtower
    • CVE Statistics by Vendor 2026
    • Q2 2026 Report
    • Top Exploited CVEs
    • Linkedin
    • Twitter
    • Facebook
    • Youtube
    © 2017 - 2026 Daily CyberSecurity. All Rights Reserved.