Researches show that external attackers can identify the operation system, browser and application of HTTPS traffic

A group of researchers from Ariel University and Ben-Gurion University of the Negev have published a research showing that external attackers (who are able to eavesdrop on the network traffic of a device from the network side) can identify the operating system, browser and application of HTTP encrypted traffic (HTTPS). The researchers note that the characteristics of communication traffic (timing, flows in both directions, variations in packet size and the like) are distinctive enough to create the fingerprint. They also underline the fact that a passive adversary may also collect statistics about groups of users for improving their marketing strategy, as well as use statistics for identifying a specific person.