A simple crawler using Chrome headless with Puppeteer

First post of a series about crawlers. We present how to use Chrome headless with Puppeteer to take screenshots of the home page of the 100 most popular websites.

Presentations on browser fingerprinting

Papers and slides of presentations I recently gave at IEEE S&P 18 and Usenix Security 18 about browser fingerprinting.

Evaluating the privacy implications of a canvas fingerprinting countermeasure

Because of their side effects, browser fingerprinting countermeasures may have a negative impact on users privacy. In this post we look more in details at Canvas Defender, a canvas fingerprinting countermeasure.

Les rendez-vous du plateau Inria - Présentation sur les empreintes de navigateurs.

Slides de la présentation sur les empreintes de navigateurs (browser fingerprints) effectuée à Euratechnologie le 12/04/2018 dans le cadre des rendez-vous du plateau Inria.

Fibonacci sequence in Javascript

This post presents 4 Javascript solutions to compute the nth term of a Fibonacci sequence.

Detecting Chrome headless, new techniques

This post presents techniques that enables to distinguish a vanilla Chrome browser from a Chrome browser running in headless mode. It updates information presented in the post of August.

FP-Stalker, empreintes de navigateurs pour le suivi d'utilisateurs sur internet.

Vulgarisation de l'article FP-Stalker publié à la conférence S&P 18. Le post présente dans quelle mesure les empreintes de navigateur peuvent être utilisées à des fins de tracking.

What is obfuscation?

This post gives a high overview on what is obfuscation, in particular it presents the main transformations used to obfuscate a program.

Detecting Chrome Headless

This post presents techniques that enables to distinguish a vanilla Chrome browser from a Chrome browser running in headless mode.

History stealing using timing attack

Presentation of a side channel attack that leverages time to deduce if a user has visited a link or not.