New Site Checks Your Browser's Fingerprint

"Does your web browser have a unique fingerprint? If so your web browser could be tracked across websites without techniques such as tracking cookies..." warns a new site created by the University of Adelaide and ACEMS, adding "the anonymization aspects of services such as Tor or VPNs could be negated if sites you visit track you using your browser fingerprint." AnonymousCube contacted Slashdot about their free browser fingerprinting test suite: On the site you can see what data can be used to track you and how unique your fingerprint is. The site includes new tests, such as detecting software such as Privacy Badger, via how social media buttons are disabled, and CSS only (no JavaScript or flash) tests to get screen size and installed fonts.
If you're serious about privacy, you might want to test the uniqueness of your browser's fingerprint.

Re:Fingerprint Randomizer

> I haven't heard any solid reports of sites making use of them.

I installed CanvasBlocker which has a setting to alert me every time the fingerprint is queried.

So far I've noticed it on every page of github.com, the front page of pof.com, every page on medium.com, accounts.firefox.com - there are probably lots more, but I disable javascript by default so most sites don't even get a chance to fingerprint me.

Canvasblocker randomizes on every page load. I think that makes you stand out more. I use task-specific profiles in firefox (e.g. banking profile, facebook profile, gmail profile, etc) and in most of those profiles I use Canvas Defender which lets you manually generate a new fingerprint and then keep it indefinitely but it doesn't warn you when a site is trying to take your fingerprint.

Re:Fingerprint Randomizer

> An extension that sets your fingerprint data to be the exact same as everyone else. That would be amusing.

It would be ineffective unless a TON of people were using it. Until then it would just make you stand out more because they could easily recognize you as having that extension installed and then combined with all your other info (ip address, user agent, timezone, screen size, list of installed fonts, etc) you'd still be trackable.

> For example, why does my browser expose monitor contrast level?

It doesn't. YOU exposed it. When you filled out that captcha. The image in the captcha has a character that is invisible on low contrast monitors. So they discriminate your monitor contrast based on whether or not you typed in that character.

Re:Fingerprint Randomizer

[Zocalo]

Or you could be a little selective and just reduce the number of things that help make your fingerprint unique. That's the biggest failing in these fingerprinting sites so far; they don't really help you figure out how to do that, and what the effects on your fingerprint's uniqueness might be if you did to help you decide whether it's worth the effort or not. What I'd like to see is each parameter have a way of telling me right there what the common value options for that parameter are, they effect on your fingerprint of setting it to that value, and some suggestions as to how to go about doing that, especially where it's something as simple as downloading the US-English version of a browser intead of the UK-English one.

Test More Than Once

[DERoss]

Visit the test Web site more than once. If subsequent visits indicate that you remain unique -- that you are the only one out of all visits including your own prior visits -- then you are somewhat safe from tracking. Even better is when it reports inconsistent results from several visits within a short period of time. I did that, and the report was that I was unique twice relative to HTTP_ACCEPT Headers. Also, the Monitor Contrast Level was not the same for two consecutive visits.

I get this result by installing the Secret Agent extension from https://www.dephormation.org.u.... Panopticlick has similar problems characterizing my browser. And various Web sites that attempt geolocation have me all over the globe.