| 1 |
On Thu, 2012-01-26 at 11:14 -0500, Michael Mol wrote: |
| 2 |
> On Thu, Jan 26, 2012 at 11:04 AM, Frank Steinmetzger <Warp_7@×××.de> wrote: |
| 3 |
> > On Thu, Jan 26, 2012 at 09:34:56AM -0500, Michael Mol wrote: |
| 4 |
> > |
| 5 |
> >> >>> I guess you mean https://panopticlick.eff.org/ |
| 6 |
> >> >> |
| 7 |
> >> >> My results from work: |
| 8 |
> >> >> |
| 9 |
> >> >> Your browser fingerprint appears to be unique among the 1,939,102 tested so far. |
| 10 |
> >> >> |
| 11 |
> >> >> Currently, we estimate that your browser has a fingerprint that |
| 12 |
> >> >> conveys at least 20.89 bits of identifying information. |
| 13 |
> >> >> |
| 14 |
> >> > |
| 15 |
> >> > |
| 16 |
> >> > Funny, I get exactly the same thing except add one to the large number. |
| 17 |
> >> > I guess you tested before I did. How does one avoid this but still |
| 18 |
> >> > have sites work? |
| 19 |
> >> |
| 20 |
> >> Well, I just went to the same site using a Chrome 'incognito' browser, |
| 21 |
> >> and got this: |
| 22 |
> >> |
| 23 |
> >> Within our dataset of several million visitors, only one in 969,560 |
| 24 |
> >> browsers have the same fingerprint as yours. |
| 25 |
> >> |
| 26 |
> >> Currently, we estimate that your browser has a fingerprint that |
| 27 |
> >> conveys 19.89 bits of identifying information. |
| 28 |
> > |
| 29 |
> > I get almost the same numbers with just using NoScript and Flashblock. (And |
| 30 |
> > the above result when I allow the Java applet and JavaScript). |
| 31 |
> > |
| 32 |
> > This backs me up in using noscript and flashblock. Sometimes I doubt myself |
| 33 |
> > when I get asked once more why I would use NoScript in times when most of the |
| 34 |
> > web relies on JS. I then say that privacy and comfort is more important to me |
| 35 |
> > than having to allow JS on a site from time to time. (Even though some sites |
| 36 |
> > obviously don't work without it, such as video portals, most of them still do, |
| 37 |
> > albeit some gt a borked layout from it). |
| 38 |
> |
| 39 |
> FWIW, I'm not using NoScript or Flashblock, only an Adblock. And |
| 40 |
> Chrome blocked the Java applet both in the normal and incognito modes. |
| 41 |
> |
| 42 |
> |
| 43 |
|
| 44 |
To turn this on its head ... rather than hiding, is there a way to |
| 45 |
create identical browsers that pollute their (google et al.) databases? |
| 46 |
|
| 47 |
Perhaps a read only VM with a standard fit out? (noscript etc. - |
| 48 |
basically a sandboxed browser for the paranoid!) |
| 49 |
|
| 50 |
or does such a thing already exist? |
| 51 |
|
| 52 |
BillK |
Archives