Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
General Security Discussions
Is Tracking Protection really useful? [Discussion]
Message
<blockquote data-quote="oldschool" data-source="post: 832734" data-attributes="member: 71262"><p>I just read this article, poached from Wilders: <a href="https://blog.torproject.org/browser-fingerprinting-introduction-and-challenges-ahead" target="_blank">Browser Fingerprinting: An Introduction and the Challenges Ahead | Tor Blog</a> . So I started to re-think this subject after recently testing different forms of tracking protection. The most interesting point raised by the author is that <em>it may be best to use no tracking protection of any kind.</em></p><p></p><p>"... </p><p>3. Today, there is no ultimate solution to fix browser fingerprinting. As its origin is rooted in the beginning of the internet, there is no single patch that can fix it for good. And as such, designing defenses is hard. A lot of approaches have been tried and evaluated over the years with each their strengths and weakness. Examples include blocking attributes, introducing noise, modifying values, or increasing fingerprint diversity. <em>However, one important observation that has been made is that sometimes having no specific defense is better than having one. Some solutions, because of the way they were designed or coded, remove some fingerprinting vectors but introduce some artifacts or inconsistencies in the collected fingerprints. </em>(my italics)</p><p>For example, imagine a browser extension that changes the value of fingerprints before they are sent.</p><p>Everything works perfectly except the fact that the developer forgot to override the navigator.platform value. Because of this, the user-agent may say that the browser is running on Windows whereas the platform still indicates it is on a Linux system. This creates a fingerprint that is not supposed to exist in reality and, as such, make the user more visible online. It is what Eckersley [1] called the “Paradox of Fingerprintable Privacy Enhancing Technologies.” By wanting to increase online privacy, you install extensions that in the end make you even more visible than before. ..."</p><p></p><p>I've done some very initial testing at AmIUnique.org and my experience verifies this conclusion. However, I'll continue informal testing at other sites and to ponder the implications and how best to combat fingerprinting with available technology. Some may disagree but I believe privacy protection is part and parcel of web security.</p><p></p><p>What do you think about browser fingerprinting and tracking generally? If you use tracking protection, what form do you use? Specific browser? Extensions? VPN or other? Let me know your thoughts.</p></blockquote><p></p>
[QUOTE="oldschool, post: 832734, member: 71262"] I just read this article, poached from Wilders: [URL="https://blog.torproject.org/browser-fingerprinting-introduction-and-challenges-ahead"]Browser Fingerprinting: An Introduction and the Challenges Ahead | Tor Blog[/URL] . So I started to re-think this subject after recently testing different forms of tracking protection. The most interesting point raised by the author is that [I]it may be best to use no tracking protection of any kind.[/I] "... 3. Today, there is no ultimate solution to fix browser fingerprinting. As its origin is rooted in the beginning of the internet, there is no single patch that can fix it for good. And as such, designing defenses is hard. A lot of approaches have been tried and evaluated over the years with each their strengths and weakness. Examples include blocking attributes, introducing noise, modifying values, or increasing fingerprint diversity. [I]However, one important observation that has been made is that sometimes having no specific defense is better than having one. Some solutions, because of the way they were designed or coded, remove some fingerprinting vectors but introduce some artifacts or inconsistencies in the collected fingerprints. [/I](my italics) For example, imagine a browser extension that changes the value of fingerprints before they are sent. Everything works perfectly except the fact that the developer forgot to override the navigator.platform value. Because of this, the user-agent may say that the browser is running on Windows whereas the platform still indicates it is on a Linux system. This creates a fingerprint that is not supposed to exist in reality and, as such, make the user more visible online. It is what Eckersley [1] called the “Paradox of Fingerprintable Privacy Enhancing Technologies.” By wanting to increase online privacy, you install extensions that in the end make you even more visible than before. ..." I've done some very initial testing at AmIUnique.org and my experience verifies this conclusion. However, I'll continue informal testing at other sites and to ponder the implications and how best to combat fingerprinting with available technology. Some may disagree but I believe privacy protection is part and parcel of web security. What do you think about browser fingerprinting and tracking generally? If you use tracking protection, what form do you use? Specific browser? Extensions? VPN or other? Let me know your thoughts. [/QUOTE]
Insert quotes…
Verification
Post reply
Top