Slashdot Mirror

← Back to Stories (view on slashdot.org)

Tracking Browsers Without Cookies Or IP Addresses?

Posted by CmdrTaco on from the just-how-private-are-you dept.

Peter Eckersley writes "The EFF has launched a research project called Panopticlick, to determine whether seemingly innocuous browser configuration information (like User Agent strings, plugin versions and fonts) may create unique fingerprints that allow web users to be tracked, even if they limit or delete cookies. Preliminary results indicate that the User Agent string alone has 10.5 bits of entropy, which means that for a typical Internet user, only one in about 1,500 (2 ^ 10.5) others will share their User Agent string. If you visit Panopticlick, you can get a reading of how rare or unique your browser configuration is, as well as helping EFF to collect better data about this problem and how best to defend against it." I remember laughing years ago when I would see users who had modified their user agent string with some sort of defiant pro-privacy message, without realizing that their action made them uniquely identifiable out of hundreds of thousands of others.

8 of 265 comments (clear)

  1. Thanks EFF. I never thought about that. by cornicefire · · Score: 5, Funny

    I'm glad they gave me some new ideas for tracking.

    1. Re:Thanks EFF. I never thought about that. by Monkeedude1212 · · Score: 4, Funny

      Psh. Real trackers use emotional demographics to Identify their users.

      By tracking the various mouse movements on the page, and every key that might be entered, and the timing it takes between movements or keypresses, I can analyze that persons emotional relationship towards my web page. Some people might be angry, and thus have more spelling mistakes in their rage, or some people might be tender, loving, and caring, caressing the page softly and gently with their mouse.

      Everyone has different habits and express their feelings towards web pages in different ways. I can easily tell who is visitting my site based on how they are visitting my site.

    2. Re:Thanks EFF. I never thought about that. by Volante3192 · · Score: 2, Funny

      I got that too when I used Lynx.

      Your browser fingerprint appears to be unique among the 4,655 tested so far.

  2. Re:I get this ... by Sta7ic · · Score: 2, Funny

    Hey, more than I got. I hope the EFF can retrieve all the "research data" they're collecting from the servers that must be melting into slag...

  3. in other news by Lord+Ender · · Score: 4, Funny

    Researches have found a way to track web sites based on the MySQL errors they produce when they're slashdotted.

    --
    A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
  4. Two data points... by sabt-pestnu · · Score: 3, Funny

    By subtly changing where the errors occur (and which ones are reported), they can correlate your slashdot post with the attempted page fetch...

  5. Re:Results and flash cookies by KevMar · · Score: 4, Funny

    Using NoScript tells them plenty of information.

    You are either:
    1) Aware of the security risk on the internet so you disabled javascript
    2) You suffer from Paranoid Schizophrenia and don't want them controlling things
    3) You have a serious aversion to adds

    So the adds they should show you would go something like this in a jpg or animated gif (that is not a standard banner size).

    Do you want that extra protection that you just can't get on your own? You need more information on how addvertisements and security threats work. Fallow this link to make sure you are informed. They are still watching you.

    Sometimes they don't have to track you to figure out your habits

    --
    Im a gamer, not a grammer major. This post is full of spelling and grammer mistakes.
  6. Little Bobby Tables in User Agent String by fibrewire · · Score: 5, Funny

    Lets see whose tracking what :P

    Somebody write a firefox plugin that changes "Fingerprints" to "DropDB" statements