Hacker News new | past | comments | ask | show | jobs | submit login

>so you would need to have fingerprint resistant browser profile

easy. use firefox, open about:config, and set privacy.resistFingerprinting => true.




I still get failing marks in FF testing on panopticlick.eff.org with that set, though?


Easy to enable, but in practice not much help yet: For me, at least, I enabled resistFingerprinting and tested on https://panopticlick.eff.org. A unique fingerprint was still present. Test it yourself.


Check and make sure it's the same fingerprint across multiple runs.

I installed CanvasBlocker, and one of the things it does is fake results for a handful of API calls. So while Panopticlick reports a unique fingerprint each time, it looks (to me, based on their results) like a different browser each time.

In particular, the two most specific categories they track are canvas and webgl hashes. Those are changing every time, which I believe makes them less useful as tracking information; the next-most-specific thing is a list of fonts, which is almost two orders of magnitude less specific.


Right, that's why the setting is called resist fingerprinting. You still need to take other precautions like not full screening. A while ago I tested resistfingerprinting with a few machines and they all have the same fingerprint, so at least it's better than nothing.

I tested with my browser and it was unique as well. It seems to be caused by high dpi monitor breaking the window size rounding logic. Retrying with high dpi disabled results in

    Within our dataset of several hundred thousand visitors tested in the past 45 days, only one in 5551.36 browsers have the same fingerprint as yours.

    Currently, we estimate that your browser has a fingerprint that conveys 12.44 bits of identifying information.
Maybe having resistfingerprinting is a fingerprinting datapoint itself?


I don't fully understand panopticlick results. My machines always get uniquely identified by screen size (which I sort of understand, but find doubtful) and fonts installed. The latter I find very confusing since it often lists a set of garden variety Windows fonts, which I don't even have installed on my machine.


As others said it is not as easy, you probably need a special browser profile that is very "extreme" with the privacy settings. I would suggest not over selling that Firefox setting.


That still won't work. Most people don't have 'extreme' privacy settings, so you'll again be unique. To resist fingerprinting, you want your setup to be as generic as possible. This is one reason why it's important that browser vendors need to tackle this issue by setting privacy focused defaults.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: