Google Chrome Extensions Could Be Used to Track Users Online
According to evidence created by a web developer known as ‘z0ccc,’ some Google Chrome extensions could be used to track users online. The developer created a website that is designed to generate a fingerprint of devices based on Google Chrome extensions installed on the browser that is visiting in order to prove his claims. The web developer stated that the sites do not store the fingerprint of all visiting devices, however, his testing shows that the information it does track could be leveraged by malicious actors to track users’ activity across the web. The fingerprinting action could be due to a certain feature present in Chrome browser extensions in which developers can declare certain assets as web accessible resources.
Sites determined as web accessible resources have the ability to be used to check for installed extensions, generate a fingerprint of visiting user data, and extract data based on the combination of installed extensions. Extensions typically use features such as this one to expose images or other assets that are loaded onto webpages, the developer explained.