Security: “Scheme Flooding Allows User Tracking Across Browsers”

A flaw that allows browsers to enumerate applications on a machine threatens cross-browser anonymity in Chrome, Firefox, Microsoft Edge, Safari and even Tor.

A security researcher has discovered a vulnerability that allows websites to track users across a number of different desktop browsers — including Apple Safari, Google Chrome, Microsoft Edge, Mozilla Firefox and Tor — posing a threat to cross-browser anonymity.Called “scheme flooding,” the flaw “allows websites to identify users reliably across different desktop browsers and link their identities together,” Konstantin Darutkin, a researcher and developer at FingerprintJS, said in a blog post published Thursday. FingerprintJS is the publisher of a well-known browser-fingerprinting API.

Source: Scheme Flooding Allows User Tracking Across Browsers | Threatpost