Your GPU could be used to track you online

New technique dubbed DrawnApart discovered by security researchers

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Experts have revealed that a computer’s Graphics Processing Unit (GPU) can be used to track users across the web.

A group of 10 researchers from universities in France, Israel, and Australia have published a report on a new “remote GPU fingerprinting” technique dubbed DrawnApart.

Explained as plainly as possible, this uses a cross-platform API for rendering 3D graphics in the browser, called WebGL. When combined with the GPU’s operations, it creates a unique fingerprint of the device.

Violation of privacy

The researchers tested the method on 2,550 devices, carrying a total of 1,605 unique CPU configurations. The results have shown that the median tracking duration of current, state-of-the-art methods can be extended, from the current, 17.5 days, to 28 days. That’s a 67% increase.

This is a “severe problem” for user privacy, a news report on BleepingComputer reads. Consumer privacy has been in the spotlight for the past couple of years, ever sinceGoogle’s and Facebook’s tracking practices were scrutinized (other large tech companies, as well as some nation-states, aren’t faring much better, either).

Current laws and regulations, such as the European Union’s General Data Protection Regulation, focus on making sure the users give explicit consent before accepting cookies onto their devices.

As a result, various businesses and “unscrupulous websites” have turned to other tracking methods, collecting “potential fingerprinting elements” such as hardware configuration, the visitor’soperating system, their timezone, screen resolution, etc.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

These tiny icons could be tracking you across the internet>Apple wants to help you stop advertisers tracking your internet activity>ProtonMail wants to stop you being tracked online via email

However, none of these methods are as successful as cookie placement, as the elements regularly change. Even if they’re stable, they only allow the websites to broadly categorize their customers, rather than create a unique fingerprint.

The next version of WebGPU, which is currently being developed, will feature additional compute shaders, which may introduce even more ways to fingerprint internet users, the report concludes.

People looking to remain anonymous when browsing the web will usually install aVPN, access the internet via aproxyserver, and deploy a whole swathe of otherprivacy tools.

Via:BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

VIPRE Security Group says its new endpoint protection tools can stamp out even the latest cybersecurity threats