Consistent with our simulation results, we were able to successfully de-anonymize a substantial proportion of users who contributed their web browsing histories.
Of the 374 people who confirmed the accuracy of our de-anonymization attempt, 268 (72%) were the top candidate generated by the MLE, and 303 participants (81%) were among the top 15 candidates. There has been a number of publications showing that, given a browsing history, the corresponding social media account can be identified in most cases. Even assuming that none of the website addresses you visited expose your identity directly, you likely have a social media account. If you now think “but they still don’t know who I am” – think again. All that is connected to a number of attributes allowing Avast to recognize you reliably, even a unique user identifier. Tracking tab and window identifiers as well as your actions allows Avast to create a nearly precise reconstruction of your browsing behavior: how many tabs do you have open, what websites do you visit and when, how much time do you spend reading/watching the contents, what do you click there and when do you switch to another tab. The data collected here goes far beyond merely exposing the sites that you visit and your search history. It also seems that for paying Avast customers the identifier of the Avast account would be transmitted as well. The data structure also contains fields for your IP address and a hardware identifier but in my tests these stayed unused. Your operating system and exact version number (the latter only known to the extension if Avast Antivirus is installed).Īnd that’s merely the fields which were set. Chrome or Firefox) and version number of your browser. Also not set for me when Avast Antivirus was installed. Seems to be another unique user identifier, the one starting with “ceda” in the screenshot above. For some reason this one wasn’t set for me when Avast Antivirus was installed. This will be “US” for US English.Ī unique user identifier generated by the extension (the one visible twice in the screenshot above, starting with “d916”). Your country code, which seems to be guessed from the browser locale. by entering the address directly, using a bookmark or clicking a link. Identifier of the window and tab that the page loaded into. If you want to do it yourself, you need to find ssage() call in scripts/background.js and look at this.request after this method is called.Īddress of the page that you got here from, if any. That’s why I decided to stop the extension in the debugger and have a look at the data before it is turned into binary. Finally, there are “custom values” there as well which are a completely arbitrary key/value collection.
Also, some fields appear to be unused, and the purpose of others isn’t obvious. It is rather extensive however, with a number of fields being nested types. The binary UrlInfoRequest data structure used here can be seen in the extension source code. This one will send every single link found on this page, be it a search result or an internal link of the search engine. And there is an additional request if you are on a search page. This request isn’t merely sent when you navigate to a page, it also happens whenever you switch tabs.
The rest of the data is somewhat harder to interpret, I’ll get to it soon.
#Avast security for mac chrome full#
You can clearly see the full address of the page in the binary data, including query part and anchor. The response is then translated into the extension icon to be displayed for the page. So the extension sends some binary data and in return gets information on whether the page is malicious or not. If you do it with Avast Online Security, you will see a request to whenever a new page loads in a tab: Using browser’s developer tools you can look at an extension’s network traffic. Storing the data is considered unproblematic due to anonymization (I disagree), and Avast doesn’t make any statements explaining just how long it holds on to it. The amount of data being sent goes far beyond what’s necessary for the extension to function, especially if you compare to competing solutions such as Google Safe Browsing.Īvast Privacy Policy covers this functionality and claims that it is necessary to provide the service. In the process, it will transmit data that allows reconstructing your entire web browsing history and much of your browsing behavior. When Avast Online Security extension is active, it will request information about your visited websites from an Avast server.
0 kommentar(er)
