Cover Your Tracks - A new EFF project designed to better uncover the tools and techniques of online trackers and test the efficacy of privacy add-ons (successor to Panopticlick)
Some more thoughts regarding fingerprinting. The purpose of browser fingerprinting techniques is to harvest as much identifying data about the user's browser, device, and behavior as possible....
Some more thoughts regarding fingerprinting.
The purpose of browser fingerprinting techniques is to harvest as much identifying data about the user's browser, device, and behavior as possible. Thanks to modern technology, it's possible to gather and correlate all these data points together to paint a picture of person behind the screen. This creates a situation where standardizing everything creates pseudo-anonymity as users of that setup are largely indistinguishable from each other (i.e. what Apple or TOR Browser do).
Devices which are tightly constrained in terms of specs are less identifiable. This means popular products from major brands make it easier to blend in with other users of the same device.
ex. An iPhone 12 is more common than a custom built gaming pc tricked out with an ultrawide monitor
Using popular browsers makes it easier to blend in. Conversely, deliberately switching to anything besides Chrom(e|ium) makes you stand out like a sore thumb.
ex. Nearly everyone using a mobile device uses the default browser. Picking up a third party browser app like Lighting or Kiwi Browser (or even Firefox) is not anything the multitudes do (or can even conceive of).
Extensions and tweaks affect browser and user behavior. Each additional change cumulatively adds to the amount of information ("bits") and makes an user unique.
ex. The Privacy Badger extension works by examining all connections made during your regular browsing sessions. Everybody has different habits and hangouts, so naturally their browsing history will become unique as time goes on without resetting the Privacy Badger extension. This means that the persistent blocklist that Privacy Badger creates has become a proxy for that unique browsing history.
User behavior before and during the browsing session adds bits, especially if they are persistent habits.
ex. Most people use their browser in maximized window mode. Anyone who resizes their window (e.g.a random resolution like 1207x988) and browses persistently without changing it again has just created a nearly unique data point.
Even if they can’t build a picture of the person behind the screen on the first impression, once you’re fingerprinted, you can be tracked across domains and even browsing sessions. And that...
Thanks to modern technology, it's possible to gather and correlate all these data points together to paint a picture of person behind the screen.
Even if they can’t build a picture of the person behind the screen on the first impression, once you’re fingerprinted, you can be tracked across domains and even browsing sessions. And that tracking can then garner even more information, such as what times you browse, and potentially what sites you visit if you visit a group of sites that can match the same fingerprint in their database (or if they are part of the same ad network that can match your fingerprint).
After you finish running it, you should get a really long report page with "Your Results" and "Detailed Results" sections that goes through all the different factors and explains how unique yours...
After you finish running it, you should get a really long report page with "Your Results" and "Detailed Results" sections that goes through all the different factors and explains how unique yours are. That's kind of the core feature of the tool: letting you see what aspects of your browser/setup are contributing the most to making you identifiable by trackers.
Under "Your Results", if it says something like "Your browser fingerprint appears to be unique among the 277,196 tested in the past 45 days." that's probably a bad thing (but it's also really hard to not get the unique result—that's the point), because it means that tracking companies would be able to use the same methods EFF is using to uniquely identify you across sites.
In the detailed results, the things to pick out as the "worst" will be ones that have high numbers for both "Bits of identifying information" and "One in x browsers have this value". High values on those mean that your browser is giving a rare response and is more easily identifiable.
This question is too vague and there's no information about your setup to give any meaningful advice/interpretation. Things to keep in mind: This tool is used by the privacy conscious, which will...
This question is too vague and there's no information about your setup to give any meaningful advice/interpretation.
Things to keep in mind:
This tool is used by the privacy conscious, which will eventually skew the "uniqueness" results towards weird and highly profile-raising setups. i.e. "Hardened Firefox"
More extensions = more fingerprinting opportunities since your browser will behave radically differently from the normal users. This includes ad blockers and especially using weird or regional blocklists.
Use the default or popular browsers to blend in. i.e. Safari on MacOS/iOS, Chrome/Edge on Windows, Chromium/Firefox on Linux.
That's certainly well-exemplified by the "Platform" statistic. Linux on the desktop sure seems to have gotten popular recently... PLATFORM Linux x86_64 Bits of identifying information: 2.91 One in...
This tool is used by the privacy conscious, which will eventually skew the "uniqueness" results towards weird and highly profile-raising setups.
That's certainly well-exemplified by the "Platform" statistic. Linux on the desktop sure seems to have gotten popular recently...
PLATFORM
Linux x86_64
Bits of identifying information: 2.91
One in x browsers have this value: 7.52
What are the actual results of the report? You want to read the line about the bits of identifying information. Higher = worse because it is easier to identify the user and correlate activity.
What are the actual results of the report?
You want to read the line about the bits of identifying information. Higher = worse because it is easier to identify the user and correlate activity.
Your browser fingerprint appears to be unique among the 277,992 tested in the past 45 days.
Currently, we estimate that your browser has a fingerprint that conveys at least XX bits of identifying information.
So I tried it with Chromium and Firefox on Linux, that part that I quoted appears to stay the same as far as bits of info are concerned. @Deimos' comment is right about needing to go further down...
So I tried it with Chromium and Firefox on Linux, that part that I quoted appears to stay the same as far as bits of info are concerned. @Deimos' comment is right about needing to go further down to check each individual element of fingerprinting and seeing how unique each feature tested is.
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36
Bits of identifying information: 8.4
One in x browsers have this value:337.37
Mozilla/5.0 (X11; Linux x86_64; rv:83.0) Gecko/20100101 Firefox/83.0
Bits of identifying information: 9.74
One in x browsers have this value:853.24
Some more thoughts regarding fingerprinting.
The purpose of browser fingerprinting techniques is to harvest as much identifying data about the user's browser, device, and behavior as possible. Thanks to modern technology, it's possible to gather and correlate all these data points together to paint a picture of person behind the screen. This creates a situation where standardizing everything creates pseudo-anonymity as users of that setup are largely indistinguishable from each other (i.e. what Apple or TOR Browser do).
ex. An iPhone 12 is more common than a custom built gaming pc tricked out with an ultrawide monitor
ex. Nearly everyone using a mobile device uses the default browser. Picking up a third party browser app like Lighting or Kiwi Browser (or even Firefox) is not anything the multitudes do (or can even conceive of).
ex. The Privacy Badger extension works by examining all connections made during your regular browsing sessions. Everybody has different habits and hangouts, so naturally their browsing history will become unique as time goes on without resetting the Privacy Badger extension. This means that the persistent blocklist that Privacy Badger creates has become a proxy for that unique browsing history.
ex. Most people use their browser in maximized window mode. Anyone who resizes their window (e.g.a random resolution like 1207x988) and browses persistently without changing it again has just created a nearly unique data point.
Even if they can’t build a picture of the person behind the screen on the first impression, once you’re fingerprinted, you can be tracked across domains and even browsing sessions. And that tracking can then garner even more information, such as what times you browse, and potentially what sites you visit if you visit a group of sites that can match the same fingerprint in their database (or if they are part of the same ad network that can match your fingerprint).
After you finish running it, you should get a really long report page with "Your Results" and "Detailed Results" sections that goes through all the different factors and explains how unique yours are. That's kind of the core feature of the tool: letting you see what aspects of your browser/setup are contributing the most to making you identifiable by trackers.
Under "Your Results", if it says something like "Your browser fingerprint appears to be unique among the 277,196 tested in the past 45 days." that's probably a bad thing (but it's also really hard to not get the unique result—that's the point), because it means that tracking companies would be able to use the same methods EFF is using to uniquely identify you across sites.
In the detailed results, the things to pick out as the "worst" will be ones that have high numbers for both "Bits of identifying information" and "One in x browsers have this value". High values on those mean that your browser is giving a rare response and is more easily identifiable.
This question is too vague and there's no information about your setup to give any meaningful advice/interpretation.
Things to keep in mind:
This tool is used by the privacy conscious, which will eventually skew the "uniqueness" results towards weird and highly profile-raising setups. i.e. "Hardened Firefox"
More extensions = more fingerprinting opportunities since your browser will behave radically differently from the normal users. This includes ad blockers and especially using weird or regional blocklists.
Use the default or popular browsers to blend in. i.e. Safari on MacOS/iOS, Chrome/Edge on Windows, Chromium/Firefox on Linux.
That's certainly well-exemplified by the "Platform" statistic. Linux on the desktop sure seems to have gotten popular recently...
What are the actual results of the report?
You want to read the line about the bits of identifying information. Higher = worse because it is easier to identify the user and correlate activity.
So I tried it with Chromium and Firefox on Linux, that part that I quoted appears to stay the same as far as bits of info are concerned. @Deimos' comment is right about needing to go further down to check each individual element of fingerprinting and seeing how unique each feature tested is.
States I have strong protection, but I'm still susceptible to fingerprinting. Oops!