Press Release
Day: 15 October 2021
FIT researchers developed a new browser extension. It helps users to change digital footprints on the Internet
A new tool which is available for nearly all major web browsers was developed by Libor Polčák and FIT BUT students. The Free Software Foundation international non-profit organisation has decided to back their results. The extension named JShelter will help users erase the footprints left on the Internet by their browsers and protect their data.
On the Internet, users are exposed to a number of attacks and threats. Monitoring of online activities of Internet users has become a huge business in the past couple of years, but it also became the source of a number of threats. Despite the fact that interference with a device not requested by its user have been regulated by the law for years, users still cannot easily avoid being tracked on the Internet. Lately, websites have been using an invisible method of browser fingerprinting - creating a fingerprint of a browser to monitor and identify users.
"It is a digital footprint left by every user of the Internet. That is because web browsers provide servers with plenty of information - not only what browser or operating system you use, but also the language of your device or the time zone in which you are located. They also provide detailed information about your hardware, for example the type and resolution of your screen or the number of connected cameras and microphones," Libor Polčák explained.
In aggregate, all the information provided by the browser in this manner create a fingerprint of the user which may be unique. Websites can then identify and start tracking the user. Blocking and confusing the malicious JavaScript which enables the creation of such fingerprints is the main function of the JShelter extension.
"It adapts and limits default browser behaviour and changes the data available to websites outside of the users' control. JShelter adds a security layer which can - if the user sets it to do so - limit the accuracy of geopositioning or change time stamps, which provides even higher level of protection even against threats other than collecting browser fingerprints," described Martin Bednář, doctoral student involved in the project.
JShelter is still under development, but initial versions for Firefox, Chrome and Opera are already available. The developers want to release an updated version by the end of the year - this version will include new user interface and another security level which will limit communications of an entire website if the program detects that the server is obtaining a browser fingerprint.
The idea leading to this unique solution was originally conceived during the FIT Tarzan project which focused on detection and analysis of new forms of cybercrime and was supported by the Ministry of the Interior of the Czech Republic. The tool was initially called JavaScript Restrictor and, in addition to Libor Polčák and Martin Bednář, it was worked on by a number of students as a part of their theses. After the Tarzan project ended last year, the idea was adopted by the prestigious international organization Free Software Foundation which, together with researchers from FIT and other organizations, received funding for the project from the NLnet Foundation.
Currently, the tool is being rebranded and renamed to JShelter (but the original name JavaScript Restrictor can still be found in many places). The project has a free licence - more information is available on the project's website https://jshelter.org/; source code is available at GitHubu.
Author: Kozubová Hana, Mgr.
Last modified: 2022-01-25 15:42:06