I’m old enough to remember when age verification bills were pitched as a way to ‘save the kids from porn’ and shield them from other vague dangers lurking in the digital world (like…“the transgender”). We have long cautioned about the dangers of these laws, and pointed out why they are likely to...
short of a website provider having access to my provider ip over time vs. customer data, how is my browser fingerprint uniquely identifying me when I clear cookies every now and then and often resize the browser window?
Genuinely curious - obviously between clearing cookies there’s an issue, and also if I use logins to any websites that share data with some asshat like google analytics, they will recognize me across websites.
And of course with the latest mozilla data grab, things will get worse :/
Privacy focused browsers can help (but don’t fully resolve). Not to redo the work of others, copy/pasta:
What makes fingerprinting a threat to online privacy?
It is pretty simple. First, there is no need to ask for permissions to collect all this information. Any script running in your browser can silently build a fingerprint of your device without you even knowing about it. Second, if one attribute of your browser fingerprint is unique or if the combination of several attributes is unique, your device can be identified and tracked online. In that case, no need for a cookie with an ID in it, the fingerprint is enough.
There’s also a number of interviews with white and red hat hackers who delve quite deeply into the subject and how they’ve used this telemetry to go after black hats (mainly to emphasize that even with some degree of sophistication this can be difficult to evade, especially when compounded with other methods and telemetry already modelled against your identity).
short of a website provider having access to my provider ip over time vs. customer data, how is my browser fingerprint uniquely identifying me when I clear cookies every now and then and often resize the browser window? Genuinely curious - obviously between clearing cookies there’s an issue, and also if I use logins to any websites that share data with some asshat like google analytics, they will recognize me across websites. And of course with the latest mozilla data grab, things will get worse :/
Privacy focused browsers can help (but don’t fully resolve). Not to redo the work of others, copy/pasta:
A couple of useful articles:
https://en.wikipedia.org/wiki/Device_fingerprint
https://blog.torproject.org/browser-fingerprinting-introduction-and-challenges-ahead/ (Excerpt above)
https://onlinelibrary.wiley.com/doi/10.1155/2022/3363335
There’s also a number of interviews with white and red hat hackers who delve quite deeply into the subject and how they’ve used this telemetry to go after black hats (mainly to emphasize that even with some degree of sophistication this can be difficult to evade, especially when compounded with other methods and telemetry already modelled against your identity).