[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-gnuzilla] Browser Fingerprints Solution

From: Loic J. Duros
Subject: Re: [Bug-gnuzilla] Browser Fingerprints Solution
Date: Fri, 28 Mar 2014 22:29:06 +0000
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3.50 (gnu/linux)

Forwarding this to the list (I was the only one in copy.)

address@hidden writes:

> - User Agent
> - HTTP_ACCEPT Headers
> - Browser Plugin Details
> - Time Zone
> - Screen Size and Color Depth
> - System Fonts
> - Are Cookies Enabled?
> - Limited supercookie test
> - There appears to be a long list of parameters:
> http://browserspy.dk/
> There's another detail that I would like to stress out: consistency.
> Say, about a website that requires a user account.
> You can't randomly generate parameters every time you login, due to the very
> likely possibility of them keeping a record of them.
> Also, the parameters should not be distributed as the same for everyone.
> The user should be able to choose and also randomly generate, but also keep
> "profiles" for various sites.
> (Including it on the mailing list)
> On 2014-03-28 20:45, address@hidden wrote:
>> Also, would anyone on this list research this issue, write back results
>> to the list with a list of elements to work on to reduce fingerprinting, as
>> well as potential implementations for this (Or code submissions?)
>> Just making sure that everyone knows that we need more contributors,
>> always.
>> Loic
>> address@hidden (Loic J. Duros) writes:
>>> Julian <address@hidden> writes:
>>>> On 03/27/2014 05:52 PM, address@hidden wrote:
>>>>> I am writing to stress out the need of a solution, integrated with
>>>>> icecat, to use false browser fingerprints and result in opting-out
>>>>> from surveillance.
>>>> Nothing wrong with adding anti-fingerprinting to IceCat, but I just
>>>> want to point out that the best way to stop fingerprinting (and
>>>> surveillance in general) is to use the Tor Browser Bundle at its
>>>> default settings. IceCat can never be as good at stopping tracking as
>>>> that, for various reasons.
>>> Actually, if we are talking about fingerprinting strictly rather than
>>> pure anonimity, I'm not sure how the tor browser fares (I remember the
>>> tor browser draft mentioned fingerprinting at some point.) Anything that
>>> modifies the behavior of your browser has an effect on
>>> fingerprinting. This includes the measures (addons, fixes) taken to
>>> block third-party requests, disable a global js variable, and the like.
>>> The more the browser is out of the ordinary the more unique its
>>> fingerprint. The best way to get a browser to have a more common
>>> fingerprint is to have it masquerade as a common browser, running in a
>>> common operating system, with the expected behavior of a browser, etc,
>>> ...
>>> Running stuff that will make your browser more private will make your
>>> fingerprint more unique... So it's just a matter of finding the right
>>> balance (you still don't want to leak private data), or finding a way to
>>> mess with the values/mechanisms used for fingerprinting.
>>> Anyway, this is just my personal opinion which I haven't verified
>>> recently (more like a year and a half ago.)
>>> --
>>> http://gnuzilla.gnu.org
>> --
>> http://gnuzilla.gnu.org

reply via email to

[Prev in Thread] Current Thread [Next in Thread]