I’m old enough to remember when age verification bills were pitched as a way to ‘save the kids from porn’ and shield them from other vague dangers lurking in the digital world (like…“the transgender”). We have long cautioned about the dangers of these laws, and pointed out why they are likely to...
I’m sure big tech is stoked on this idea. I mean, they were always able to figure out who most people were but now people have to straight up enter their identification and positively confirm.
I’m sure no one will use that information for nefarious reasons, right?
Frankly already a moot point - your browser fingerprints are already uniquely identifying (even before IP, cookies, and backend analytics). Realistically, tho, just more info for them to sell, leak and then eventually pay $0.25 per person in Google Play credit in the class action settlement.
short of a website provider having access to my provider ip over time vs. customer data, how is my browser fingerprint uniquely identifying me when I clear cookies every now and then and often resize the browser window?
Genuinely curious - obviously between clearing cookies there’s an issue, and also if I use logins to any websites that share data with some asshat like google analytics, they will recognize me across websites.
And of course with the latest mozilla data grab, things will get worse :/
Privacy focused browsers can help (but don’t fully resolve). Not to redo the work of others, copy/pasta:
What makes fingerprinting a threat to online privacy?
It is pretty simple. First, there is no need to ask for permissions to collect all this information. Any script running in your browser can silently build a fingerprint of your device without you even knowing about it. Second, if one attribute of your browser fingerprint is unique or if the combination of several attributes is unique, your device can be identified and tracked online. In that case, no need for a cookie with an ID in it, the fingerprint is enough.
There’s also a number of interviews with white and red hat hackers who delve quite deeply into the subject and how they’ve used this telemetry to go after black hats (mainly to emphasize that even with some degree of sophistication this can be difficult to evade, especially when compounded with other methods and telemetry already modelled against your identity).
I’m sure big tech is stoked on this idea. I mean, they were always able to figure out who most people were but now people have to straight up enter their identification and positively confirm.
I’m sure no one will use that information for nefarious reasons, right?
Frankly already a moot point - your browser fingerprints are already uniquely identifying (even before IP, cookies, and backend analytics). Realistically, tho, just more info for them to sell, leak and then eventually pay $0.25 per person in Google Play credit in the class action settlement.
short of a website provider having access to my provider ip over time vs. customer data, how is my browser fingerprint uniquely identifying me when I clear cookies every now and then and often resize the browser window? Genuinely curious - obviously between clearing cookies there’s an issue, and also if I use logins to any websites that share data with some asshat like google analytics, they will recognize me across websites. And of course with the latest mozilla data grab, things will get worse :/
Privacy focused browsers can help (but don’t fully resolve). Not to redo the work of others, copy/pasta:
A couple of useful articles:
https://en.wikipedia.org/wiki/Device_fingerprint
https://blog.torproject.org/browser-fingerprinting-introduction-and-challenges-ahead/ (Excerpt above)
https://onlinelibrary.wiley.com/doi/10.1155/2022/3363335
There’s also a number of interviews with white and red hat hackers who delve quite deeply into the subject and how they’ve used this telemetry to go after black hats (mainly to emphasize that even with some degree of sophistication this can be difficult to evade, especially when compounded with other methods and telemetry already modelled against your identity).