An anonymous reader quotes a report from Help Net Security: More and more shopping websites accept cryptocurrencies as a method of payment, but users should be aware that these transactions can be used to deanonymize them — even if they are using blockchain anonymity techniques such as CoinJoin. Independent researcher Dillon Reisman and Steven Goldfeder, Harry Kalodner and Arvind Narayanan from Princeton University have demonstrated that third-party online tracking provides enough information to identify a transaction on the blockchain, link it to the user’s cookie and, ultimately, to the user’s real identity. “Based on tracking cookies, the transaction can be linked to the user’s activities across the web. And based on well-known Bitcoin address clustering techniques, it can be linked to their other Bitcoin transactions,” they noted. “We show that a small amount of additional information, namely that two (or more) transactions were made by the same entity, is sufficient to undo the effect of mixing. While such auxiliary information is available to many potential entities — merchants, other counterparties such as websites that accept donations, intermediaries such as payment processors, and potentially network eavesdroppers — web trackers are in the ideal position to carry out this attack,” they pointed out.