Are You Being Fingerprinted Online? - Comments Page 1

Wow! Mine was unique!

My results from the test caught me totally off guard.
"Your browser fingerprint appears to be unique among the 3,089,595 tested so far."
Very nice.
Keep up the good work, Bob.

I believe your "1 in 1.5 million" and "1 in 3 million" statements are reversed.

You are correct, cookies are not all bad and I use several for bank and credit card account log-ins which save me having to remember account or customer numbers, for example.

I travel a lot and what I have found to increase lately are adverts or other data which is in the language of my host country. One time I tried to use Google Earth but all the place names were in Chinese. At the moment I have many Norwegian language adverts when I connect there.

If the internet was as savvy as it tries to be, it should recognise my laptop identity and know that I use the English language.

I did the EFF test on the two browsers I use most often and indeed my results were similar to yours for both private and not-private browsing. So I'm assuming that the "fingerprint" is usable across all browsers, so switching between browsers makes no different in protecting privacy? And how long has this kind of tracking been in use? How many entities are using it now?

Wow! I checked my panopticlick and I don't find anything in that information bank that could possibly harm me in any way. If some marketing firms want to see those details then I am more than happy to provide it. I don't think any of that information is of any use (ok, instead of any use I should write "of much use") to those hounds. As a matter of fact, I enjoy reading those spams I get despite the best filtering by gmail. Moreover, I think there is something interesting about the ads I see on websites, however, I admit they are annoying sometime, but, that is a small price to pay for the bigger entertainment!

Pale Moon: one in 1,030,492 browsers have the same fingerprint as yours.
Pale Moon after running Vidalia: only one in 618,317 browsers have the same fingerprint as yours.
Mozilla: one in 1,883
Mozilla after running Vidalia: only one in 13,802 browsers have the same fingerprint as yours.

Actually, considering that browser fingerprints can be paired with IP addresses, not only should it be able to identify unique browsers, but unique machines.

wait--I'm confused--if my fingerprint is "unique," that means I am MORE identifiable and less anonymous, right?

I'm not the sharpest tool in the shed so please forgive my ignorance. How would browser fingerprinting be affected if one was using a "live" Ubuntu type CD/DVD to access the internet? Especially considering that the "live" disk may use a totally different browser than the one installed on the hard drive.

Likewise, what effect would there be if one used a VPN like Hotspot Shield or set up a virtual machine using VMware, VirtualBox, etc?

I'm not sure why this article would state: "Don’t worry; the EFF won’t track you or share your browser fingerprint." The EFF is about protecting our online privacy.

I, too, am unique and the test Bob suggested in this very interesting article reveals that fact and even more usefully shows the reason for my failure to blend in with the crowd. Obviously it's the vast number of "System Fonts", most of which I'm sure I never use and don't need. Any ideas for a good way to weed out the excess??

I very rarely use Yahoo because of privacy concerns; basically only to post to my recycling service of choice which is a Yahoo Group. Recently I got an email to my backup address saying that someone had accessed my account with a computer not associated with me...

Actually it was me, I had bought a new machine. But now I know at least one nosy operation that has been fingerprinting my computers for quite a long time, and associating it with an email address.

Looks like I'll have to switch browsers and email addresses every time I use Yahoo - and hope they aren't tracking MAC numbers too.

You went from 1 in 3M to 1 in 1.5M because you tested the same browser twice. That's 2 in 3M. If you test again, you will see 1 in 1M. That's 3 in 3M. But all 3 are you.

how helpful in this respect id deepFreeze?

Okay ... I look at it this way. If your IP address is viewable to ANYONE, and it is. They know where you live, they have your physical address. If you have a phone, they know where you are. So ... IP minus GPS = wheather you are at home, or not. ANY QUESTIONS ???

EDITOR'S NOTE: IP address does NOT reveal physical address. See http://askbobrankin.com/does_ip_address_reveal_my_physical_location.html

While agreeing most cookies are harmless, the fact is advertising is getting way too pushy. With the development of more sophisticated software its getting harder to avoid and much of this is getting invasive. I am referring to the "latest thing" that has transpired in Germany, that is advertising by bone induction.where resting your head on the window in a train, triggers an avert to play. Pretty much getting inside your head rite?

We usually control browser profiles only in basic ways, (choosing a browser, updating it, turning off certain types of cookies). Those alone are not very identifying factors. It's the huge number of application and system settings that form unique combinations. Many are irrelevant or would not adversely affect the browsing experience if they were changed somewhat, even to values that did not match the computer, or were at least "reported" wrongly.

So... perhaps experts in privacy groups could provide masses of users with a program that imposes (or merely reports) whatever is determined to be the most universal combination of those myriad settings. That data set would be refreshed regularly by polling the browsers of users each time they visit the site to get their own update of the communal profile. The result is reduced uniqueness because each user's browser would then vary only in the very common choices they have always made, (though it would have to also include a relatively limited number of computer-specific settings required for the browser to work).

An opposite approach would be to widely distribute a program that exploits uniqueness to make it harmless in the long term. It would do this by periodically changing (or merely mis-reporting) some selected non-crucial settings. If this is done automatically with each session (or even with each web page), a browser that is "uniquely" identified at a particular time will appear to be a different one when its profile is examined at any future time.

I agree with Kerry. It would make more sense if the figures "one in x" were high. That means the computer is more apt to blend into the background. Whereas a low figure would make you unique.

I read the site's FAQ and other data, but it did not really explain how to interpret the numbers.

Also, the site showed it did place a cookie on the computer so multiple tests would not skew the overall figures. Deleting the cookie would render each test as unique, not a returning tester.

The first thing I get is a security popup sating the site is a security risk w/o a valid certificate. When that is canceled, without accepting the risk to run the script, seems to run it anyway and displays a page that says my CPU is unique in 3.1 million.

This PDF file this statement references was interesting;
“The measurements we used to obtain this result are listed below. You can read more about our methodology, statistical results, and some defenses against fingerprinting in this article.”

Clicking on the hot link, “this article”, brings up a dissertation on methods used. On page 7 it starts to use some rather complicated mathematical statistical methods. It’s been many many years since I had a semester of statistics, but from what I could ascertain from it, if confidence levels for the percentages quoted to re-identify a particular browser were also given, they would be just slightly above 50/50. They would start out better than that but degrade quickly with browser usage and then retested.

In short, I don't think I would want to take a trip in space based on the same reliability as this fingerprint method seems to have.

“this article” leads to: https://panopticlick.eff.org/browser-uniqueness.pdf

As a point of interest (apologies if this has already been mentioned). I had the same results, being 1 in 3m with the first test, then after switching to incognito mode getting a result of 1 in 1.5m. The fact is that your first test adds you to the database thereby halving the result. A third test in normal mode also gives a result of 1 in 1.5m. This tells me that switching to incognito makes no difference. WE ARE SCREWED. I do believe thought that browsers will find a way to fight back.

Pieter