LinkedIn has been in the tech news lately for scanning Chrome for installed extensions and storing device information. If I remember right, it tries to access the assets of known extensions to do this. It's kind of a scan and it made me remember, some sites actually port scan you -- Discord does or did. Yeah, that thing you do to do check if ports on your network are open. Weird, right? Why would they do this? Well, it can be used as another method of fingerprinting. Personally, I have 2 DNS servers on my network on random static IPs. If a website saw that and could determine that my network configuration is indeed unique to me then they would know I'm at my house when I access their service and it doesn't matter if I use a VPN , Tor, adblockers, or most privacy tools that privacy minded people use. Interesting.
So I made an npm package and a demo to raise awareness.
You can try it here, get the package here, and see the source here.
It's a lot of words to say: some people might me vulnerable to this attack, which could unmask who they are even if they are trying really hard to prevent that. It could mean an attacker knows when you're home or away, even if you are using a VPN on all of your devices. It could mean an attacker can transverse 2 NATs and 2 firewalls by enumerating services that have restricted access to them, like a database, and find out where they are located on the network before attacking to make their jobs easier. It could mean a malicious site identifies a network device on your network that is exploitable. Then they could could do just that, exploit it. It means the FBI could potentially set up a trap on a black market on the Tor network and find out that type of information too. They could determine if a user on the website that they found the address of it actually also the owner of that website.
It's really powerful in some circumstances. On Mac, your browser will ask you to if you want it to be able to access your network. You should most likely say no, unless if you are a developer. Safari allows it by default though, so you need to use Firefox or Chrome. On Windows no such luck, as far as I know. There is a Firefox extension for it called Port Authority that you can grab.
Thanks for reading and stay safe out there!