Page 1 of 1
fingerprint or certificate tracking
Posted: Sat May 30, 2015 9:40 am
by Mc
Certificate Patrol shows me, that on google and twitter searches ssl certificates are changed very often, once and more per day. I wonder, if it's done for user tracking. They know, how it could be done!
https://www.chromium.org/Home/chromium- ... mechanisms
If they do, can NoScript help here?
Re: fingerprint or certificate tracking
Posted: Sat May 30, 2015 5:18 pm
by barbaz
Where in that link does it say that modifying the server's SSL certificate is a possible tracking mechanism?
Re: fingerprint or certificate tracking
Posted: Sat May 30, 2015 5:42 pm
by Mc
I added it to show, what's known to be possible here.
I don't know though, why they for example want to change a certificate today, which is stored since 2015-05-29 and expires on 2015-08-19 with a certificate which would expire on 2015-08-04.
Re: fingerprint or certificate tracking
Posted: Sat May 30, 2015 5:47 pm
by barbaz
Are they? Sniff the traffic and do reverse DNS lookup on all the IP's (and see if the IP's are different). I have to wonder if they've just got different certificates on different servers used as destinations for some sort of load balancing/CDN scheme...
Re: fingerprint or certificate tracking
Posted: Sat May 30, 2015 5:59 pm
by Mc
Could be, but I mostly deny the change and get the search results anyway (in HTTPS).
Re: fingerprint or certificate tracking
Posted: Sat May 30, 2015 6:59 pm
by barbaz
irc chat wrote:<barbaz> Mc: i'm curious how you think a site changing its SSL certificate could be used to track users?
<Mc> barbaz: here again, sorry, i don't know. i just ask
<Mc> and it came up recently. it happened never before
<barbaz> Mc: i'm not sure either. all i can think is it _might_ be possible to change certificates to track who is using addons that detect that and interrupt the connection... but i'm no expert in this stuff
<Mc> barbaz: perhaps anyone would know. if not, it may be good to know, what's going on here