Cookie in and through all this information | databaser's Blog

[Introduction] In general, websites and ad networks want a technique that lets them pinpoint each individual on the network, so that they can collect data about these individuals and, through analysis, push advertising more accurately (precision marketing) or carry out other targeted activities. Cookies are a very popular technique for this. When a user visits a site, the site can permanently plant a piece of information containing a unique identifier (UUID) in the cookies of the user's current browser, and use it to tie together the user's behavior (which pages were browsed, which keywords were searched, what the user is interested in, which buttons were clicked, which features were used, which products were viewed, which were put into the shopping cart, and so on).

As Internet users place more emphasis on personal privacy, cookies are increasingly unwelcome. Many security tools, and even browsers, now let users turn cookie functionality off or on; for example, many mainstream browsers have a 'privacy mode browsing' feature. As a result, it is difficult for a site to track user behavior this way. But there are still ways for a site to track each visitor's behavior; for example, Flash cookies can also achieve unique identification and tracking.

We recently noted foreign media reports that a new online tracking tool, one that is very difficult to get rid of, is trailing the visitors of popular sites ranging from the White House's official website to the porn site YouPorn.com. After analysis, this is another relatively new visitor tracking technology: 'canvas fingerprinting'; for the specific code see Appendix 6. What is unique about this technique is that it does not rely on cookies, Flash cookies or similar mechanisms, so you basically cannot block it.

[Principle] The author collected similar code from many well-known sites (Appendix 4). As these 'canvas fingerprinting' snippets show, they all rely on one fact about the HTML5-only <canvas> tag: when a picture is drawn on a canvas with the same canvas rendering code, the image rendered by a given machine and browser has features that are consistent and unique, so extracting even the simplest value, such as an MD5 hash, can uniquely identify and track the user.

JavaScript code that generates the canvas element:

```javascript
var canvas = document.createElement('canvas');
var ctx = canvas.getContext('2d');
var txt = 'http://security.tencent.com/';
ctx.textBaseline = "top";
ctx.font = "14px 'Arial'";
ctx.textBaseline = "tencent"; // not a valid textBaseline value; browsers ignore this assignment
ctx.fillStyle = "#f60";
ctx.fillRect(125, 1, 62, 20);
ctx.fillStyle = "#069";
ctx.fillText(txt, 2, 15);
ctx.fillStyle = "rgba(102, 204, 0, 0.7)";
ctx.fillText(txt, 4, 17);
```

To get the drawn content, use the canvas.toDataURL() method, which returns the picture content as a base64-encoded string. The PNG file format is divided into chunks, each of which ends with a 32-bit CRC checksum; extracting this CRC checksum gives a value that can be used to uniquely identify the user:

```javascript
function bin2hex(s) { // helper the snippet assumes (not shown on the page): binary string to hex
  return s.replace(/[\s\S]/g, function (c) { return ('0' + c.charCodeAt(0).toString(16)).slice(-2); });
}
var b64 = canvas.toDataURL().replace("data:image/png;base64,", "");
var bin = atob(b64);
// The last 12 bytes are the IEND chunk; the 4 bytes before it are the CRC of the preceding chunk.
var crc = bin2hex(bin.slice(-16, -12));
console.log(crc);
```

Test in Chrome incognito mode: on the same machine, the Chrome browser yields the same crc value whether it runs in normal mode or incognito mode. Different machines yield different values, so the tracking effect is obvious. At this point, I believe many people will want to ask: why? Why does this happen?

The same JS code, run in browsers on different devices, gives results that are unique and differ from one another. So why is that? In fact, the reason is very simple: the same HTML5 canvas drawing operations, on different operating systems and different browsers, produce image content that is not exactly the same. This happens for several reasons:

1. At the image format level, different web browsers use different graphics processing engines, different image export options, different default compression levels, and so on.
2. At the pixel level, each operating system uses different settings and algorithms for anti-aliasing and sub-pixel rendering.

Therefore, even for the same drawing operation, the final generated image data still differs at the hash level. As for the specifics at the code level, I am afraid one would have to study the implementation and rendering of each operating system and each major browser. My energy is limited, so that is difficult to give in the short term. Readers can explore this on their own; exchanges are welcome :)

[something] HTML5 keeps changing. For this use of canvas to track users there is currently no good countermeasure; in the future we can only rely on browser vendors to make a breakthrough themselves. Implementing randomization in the canvas drawing mechanism might protect user privacy well and prevent tracking. The code and technical details in this article are for technical exchange only and must not be used for illegal purposes.
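
The PNG chunk layout behind the `bin.slice(-16, -12)` extraction, together with the effect of the rendering randomization suggested above, as an added example (not code from the original article). It runs in Node.js on a small constructed PNG instead of calling canvas.toDataURL(); the function names and the 4x4 sample image are assumptions made for the illustration.

```javascript
// CRC-32 as PNG defines it (reflected polynomial 0xEDB88320), bit by bit.
function crc32(bytes) {
  let c = 0xffffffff;
  for (const b of bytes) {
    c ^= b;
    for (let k = 0; k < 8; k++) c = (c >>> 1) ^ (0xedb88320 & -(c & 1));
  }
  return (c ^ 0xffffffff) >>> 0;
}
function adler32(bytes) {                       // checksum that ends a zlib stream
  let a = 1, b = 0;
  for (const x of bytes) { a = (a + x) % 65521; b = (b + a) % 65521; }
  return ((b << 16) | a) >>> 0;
}
const be32 = n => [n >>> 24, (n >>> 16) & 255, (n >>> 8) & 255, n & 255];
// One chunk: length, type, data, then a CRC over type + data.
function chunk(type, data) {
  const body = [...type].map(ch => ch.charCodeAt(0)).concat(data);
  return [...be32(data.length), ...body, ...be32(crc32(body))];
}
// Build a valid 8-bit grayscale PNG; the IDAT holds one stored (uncompressed) deflate block.
function makePng(pixels, w) {
  const raw = [];
  for (let i = 0; i < pixels.length; i += w) raw.push(0, ...pixels.slice(i, i + w)); // filter type 0
  const n = raw.length;                         // must stay below 65536 for one stored block
  const z = [0x78, 0x01, 0x01, n & 255, n >> 8, ~n & 255, (~n >> 8) & 255, ...raw, ...be32(adler32(raw))];
  const ihdr = [...be32(w), ...be32(pixels.length / w), 8, 0, 0, 0, 0];
  return Uint8Array.from([137, 80, 78, 71, 13, 10, 26, 10,
    ...chunk('IHDR', ihdr), ...chunk('IDAT', z), ...chunk('IEND', [])]);
}
// Walk the chunks after the 8-byte signature and verify each stored CRC.
function parseChunks(png) {
  const dv = new DataView(png.buffer, png.byteOffset, png.byteLength), out = [];
  for (let p = 8; p + 12 <= png.length;) {
    const len = dv.getUint32(p);
    if (p + 12 + len > png.length) throw new RangeError('truncated chunk at offset ' + p);
    const type = String.fromCharCode(...png.subarray(p + 4, p + 8));
    const crc = dv.getUint32(p + 8 + len);
    out.push({ type, len, crc, ok: crc32(png.subarray(p + 4, p + 8 + len)) === crc });
    p += 12 + len;
  }
  return out;
}
// The page's bin.slice(-16, -12): the 4 bytes in front of the 12-byte IEND chunk.
const tailCrcHex = png => [...png.slice(-16, -12)].map(b => b.toString(16).padStart(2, '0')).join('');
const base = Array.from({ length: 16 }, (_, i) => (i * 37) & 255); // constructed 4x4 image
const noisy = base.slice(); noisy[5] ^= 1;      // one low bit changed, as rendering noise would
const pngA = makePng(base, 4), pngB = makePng(noisy, 4);
console.log(parseChunks(pngA).map(c => c.type + (c.ok ? ' ok' : ' BAD')), tailCrcHex(pngA), tailCrcHex(pngB));
```

The extracted value is the CRC of the final IDAT chunk, so it is stable for identical pixels and changes as soon as a single pixel bit differs.
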

Also, if you want to study more user-tracking technology, it is recommended to study the famous open-source project focused on tracking visitors: evercookie [Appendix 5]. This wretched little tool uses almost every way you can and cannot think of (cookies, Flash, Silverlight, Web History, HTTP ETags, web cache, window.name caching, userData storage, HTML5, and even Java vulnerabilities, etc.) to track the behavior of users visiting a site.

[Appendix]
[1] http://cseweb.ucsd.edu/~hovav/dist/canvas.pdf
[2] https://securehomes.esat.kuleuven.be/~gacar/sticky/index.html
[3] https://panopticlick.eff.org/browser-uniqueness.pdf
[4] Partial address list of 'canvas fingerprinting' code:
    http://ct1.addthis.com/static/r07/core130.js
    http://i.ligatus.com/script/fingerprint.min.js
    http://src.kitcode.net/fp2.js
    http://admicro1.vcmedia.vn/fingerprint/figp.js
    http://shorte.st/js/packed/smeadvert-intermediate-ad.js
    http://stat.ringier.cz/js/fingerprint.min.js
    http://cya2.net/js/STAT/89946.js
    http://images.revtrax.com/RevTrax/js/fp/fp.min.jsp
    http://rackcdn.com/mongoose.fp.js
[5] evercookie official website: http://samy.pl/evercookie/
[6] Official website of fingerprintjs, a library that uses canvas fingerprinting: https://github.com/Valve/fingerprintjs
[7] https://www.browserleaks.com/canvas#how-does-it-work