SensorID:
When you visit a website, your web browser provides a range of information to the website, including the name and version of your browser, screen size, fonts installed, and so on. Ostensibly, this information allows the website to provide a great user experience. Unfortunately this same information can also be used to track you.
Cross domain tracking is a well known problem, and Apple is on top of it. But read on.
We have developed a new type of fingerprinting attack, the calibration fingerprinting attack. Our attack uses data gathered from the accelerometer, gyroscope and magnetometer sensors found in smartphones to construct a globally unique fingerprint.
Dear advertisers, no one wants this to happen. You can tell because the tunnels you dig keep getting blocked. No one ever write’s a blog post begging for newer ways to cross domain track.
Following our disclosure, Apple has patched this vulnerability in iOS 12.2.
Once again, Apple has our backs.