The development of scripting languages in the late 90s is the great revolution for developers that have blessed them with serving dynamic content to their users. In the last 15 years, the scripting languages have change the way how internet or we can say World Wide Web (WWW) looks. Obviously, the main backend framework is the most important part of a web project but client side scripting or front end developing is also given great important nowadays. Thus, Full Stack developers are in great demand as compared to the specific side developers.
Great Deal: Enroll in The Complete Web Developer Course 2.0 at just $11.99.
Web browsers like Tor and Firefox, prevent these privacy issues to an extent and block these scripts. But as we all know, computers and servers are just dumb machines and every instruction needs to be given before they are actually implemented. Just as signature of a virus changes by adding a string, if these browsers are designed to block a particular script, they will not block any other familiar similar script that functions same but looks different.
A group of researchers from Mozilla, the University of Iowa and the University of California have detected these hidden identification scripts in 100 thousand most popular sites according to Alexa rankings showed that 9040 of them (10.18%) and if we cut the number to just top 1000 popular sites then this percentage of the website caught with hidden identification scripts increases abruptly to 30 percent i.e. 266 websites. Let’s see their findings and facts.
THE FINDINGS AND FACTS
It is argued that the use of machine learning has significantly improved the accuracy of detecting code for hidden identification and revealed 26% more problematic scripts that were not previously detected with the predefined parameters.
According to one of the researchers from the team, Umar Iqbal, who give the presentation about this research defined some problems which they met during static analysis:
- During static analysis, it become dffiucult for them to properly identify obfuscated or inline functions and it is only possible to detect it through dynamic analysis.
- The number of API calls made by the script could only be detected through dynamic analsysis.
After they collecting results from both static and dynamic analysis, they used tree algorithm to finally detect the scripts which are collecting hidden information.
The actual presentation given by the researcher is given below:
It is a known fact that trackers and infostealers are everywhere in the world wide web. We believe that some sort of information is needed by webmasters to improve the user experience but that information should not include personal information about the user. If it is so, then there would not exist any difference between infostealers and trackers. It is therefore suggested for webmasters to collect only such information which user has consented to.
Disclaimer: The above suggested deals are from third party vendors and prices mentioned for the above deals may or may not change at the time you buy. We are not responsible for the change in price after 24 hours.