Meta and Yandex have been found to exploit tracking codes on various websites, leading to the de-anonymization of users through persistent identifiers. By manipulating legitimate Internet protocols, these companies enable unique user identifiers to be sent from browsers to mobile applications. Researchers, including Narseo Vallina-Rodriguez, emphasize that this practice violates fundamental security principles like sandboxing, which is meant to isolate processes on devices. This ongoing issue raises significant concerns regarding user privacy and the integrity of online security practices.
"The attack vector allows to break the sandbox that exists between the mobile context and the web context, enabling the identity running in the mobile app to be revealed."
"Meta and Yandex have embedded tracking codes in millions of websites, which abuses legitimate Internet protocols to reveal unique identifiers of users across platforms."
Collection
[
|
...
]