The scary thought is that their "solutions" page doesn't really offer any good solution. TOR = slow browsing, privacy mode = doesn't really help that much, browsing from your cell phone = hell no...
With regards to the "privacy mode" of most browsers, I think that the feature is mis-named since it mostly refers to the browser's tracking of your activity, not the server's.
I have noscript, but I'm still only one in 47,347. While not uniquely identifying me, I often frequent sites with far less than 50.000 unique visitors.
I'm guessing my non-snow leopard Mac combined with Firefox (that seems to release an update every few weeks) gives me away. Maybe Firefox should stop putting more then major.minor, and certainly not build number, in the User-Agent?
I was thinking about it for a long time. I haven't implemented it yet - as I can't find a selling point.
What eff is selling: bits of entropy. What my mother understands - nothing. What other users understand: I'm not anonymous, being anonymous is hard, let's go shopping.
So yes - from technical point of view I can identify you even better than that, but it doesn't solve any problem. Well, maybe except for advertising :)
Your browser fingerprint appears to be unique among the 234,579 tested so far.
Currently, we estimate that your browser has a fingerprint that conveys
at least 17.84 bits of identifying information.
Interesting...one solution from the perspective of the tracker might be a system that assigns different weights to different types of information, with things like fonts and browser plugins given less ranking than things like OS, browser type, and time zone, which probably change much less frequently. You might not be able to get 100% unique tracking, but if you could guess that there was a 99% chance that it was the same person, doing things like behavioral advertising would probably still be worth it.
The interesting application of things like this and the visited link color hack is to use them in Europe, where apparently you have to get users to approve a cookie every time? This might be a good way to skirt the issue for a lot of sites that don't need a guarantee that it's the same person.
No, I'm suggesting that the majority of computer use will invalidate this as a viable method of identifying users. Connecting from home versus a cafe or a friend's place; browser upgrades; plugin changes/upgrades; using a different browser; installing or removing fonts ... all of those will break this.
The prospect of having this in place instead of cookies would be a huge victory for privacy.
Very surprised that my plugins provided the most bits (13), as I have only Flash installed. Maybe it is because everybody has a slightly different version of the Flash plugin? Also, I can only assume that FutureSplash Player comes with Flash? I also have the "Gecko default plugin", not idea whatsoever what it does.
I think it's somewhat dishonest about the uniqueness of visitor's fingerprints. I've tried it three times and been told I was unique each time. However, the last two times consisted of me visiting the site and, without doing anything else at all, refreshing.
From The EFF's Panopticlick's things that enable it to create 'unique browser fingerprint' about your system + browser, Combined with browsing history as determined by www.whattheinternetknowsaboutyou.com, this is quite scary!
hmmm, having a chinese plugin for taobao really marks my browser.... I wonder if there's a way to tell to safari not to return the list of plugins? But then I guess it would break a few pages...
With regards to the "privacy mode" of most browsers, I think that the feature is mis-named since it mostly refers to the browser's tracking of your activity, not the server's.