According to one researcher, the way you use the keyboard can be sufficient to identify you even through Tor.
- APIs are everywhere, and you have likely alr...
- Once assimilated and applied in the daily dy...
- Photo by Sergey Zolkin from UnsplashWell, Xf...
The biometric identification is one of those things that used to seem taken from a futuristic film, but which and we began to get used to. Computers and smartphones unlock with fingerprint we no longer find anything special. Many websites, such as Coursera , use the typing pattern of its users to verify their identity. However, there is little debate that has occurred in the public domain outside of the technical sector, regarding privacy issues that might be involved in their use.
There are two basic types of identifying factors Biometrics: “something you are” (your retina, your footprint digital) and “something you do” (the way you walk, or in this case, typing). According to Per Thorsheim , founder of PasswordsCon and researcher in the area of computer security, typing pattern of a person can be sufficient for create a biometric profile that this could allow identify and track your behavior across Internet, even using the Tor network .
Thorsheim created a biometric profile of their Dynamic typing using the Tor Browser on a test site. Then he switched to Chrome, without using the Tor network, and the site identified it correctly and quickly. Thorsheim test scores demonstrate that if someone has the ability to build a biometric profile of a user based on their dynamic typing in a website when it is completely anonymous in other respects, that profile can be used to identify your activity on other sites where information is available about his identity
This type of tracking could overcome any blocking technology cookies , which exist to prevent websites to collect data to track users across the web, and could break the protections they offer tools like Tor. Although properly used, biometric identification technology could offer security levels that can reach a password, also happens to be potentially very dangerous if they are used, for example, by authoritarian governments to track and identify dissidents .
According to Lukasz Olejnik, an expert on security and privacy, tracking mouse movements could be a identification mechanism even more reliable, because the mouse usually provide more data in a browsing environment (being the most commonly used keyboard). Research cited by Olejnik have shown that track mouse movements can be used to estimate someone’s age or preferences and the way they interact with websites. Analyze the dynamics of the mouse (the time between clicks, dynamic movement, speed or acceleration) could, according Olejnik, be analyzed to obtain more accurate results. To make matters worse, it was recently demonstrated that it is possible to use a fragment of the set of HTML5 to track users only through the battery charge.
Along with Paul Moore, Thorsheim has designed un Chrome browser plugin that is designed to reduce the chances of being traced through his employer typing. The plugin, which essentially uniform pattern data input via the keyboard is not for the average user, but is intended to be a test for those who are in specific environments where this type tracking could pose a particular risk to your privacy.