this post was submitted on 18 Feb 2025
969 points (99.3% liked)

Technology

63009 readers
6236 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
969
Digital Fingerprinting: Google launched a new era of tracking worse than cookie banners | Tuta (tuta.com)
submitted 3 days ago by [email protected] to c/[email protected]
234 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 28 points 2 days ago (3 children)

It would be nice to hammer a manually created fingerprint into the browser and share that fingerprint around. When everyone has the same fingerprint, no one can be uniquely identified. Could we make such a thing possible?

[–] [email protected] 25 points 2 days ago (1 children)

Not really. The "fingerprint" is not one thing, it's many, e.g. what fonts are installed, what extensions are used, screen size, results of drawing on a canvas, etc... Most of this stuff is also in some way related to the regular operation of a website, so many of these can't be blocked.

You could maybe spoof all these things, but some websites may stop behaving correctly.

[–] [email protected] 4 points 2 days ago (1 children)

I get that some things like screen resolution and basic stuff is needed, however most websites don’t need to know how many ram I have, or which CPU I use and so on. I would wish for an opt-in on this topics: So only make the bare minimum available and ask the user, when more is needed. For example playing games in the browser, for that case it could be useful to know how much ram is available, however for most other things it is not.

[–] [email protected] 7 points 2 days ago

Unfortunately the bare minimum is in most cases already enough to uniquely fingerprint you.

[–] [email protected] 4 points 2 days ago

Tor browser

And Mullvad browser

[–] [email protected] 3 points 2 days ago (2 children)

This is called Tor

[–] [email protected] 10 points 2 days ago (1 children)

No it isn't.

And this is really important. If you go on Google tracked websites without tor, Google will still know it's you when you use tor, even if you've cleared all your cookies.

Tor means people don't know your IP address. It doesn't protect against other channels of privacy attack.

[–] [email protected] 8 points 2 days ago (3 children)

Yes, it is.. Tor prevents against fingerprinting as well. It isn't just relay plumbing to protect your IP.. This can easily be tested on any fingerprinting site with default config of Tor demonstrating a low entropy https://blog.torproject.org/browser-fingerprinting-introduction-and-challenges-ahead/

[–] [email protected] 9 points 2 days ago (1 children)

It's been a long while since I looked, but I remember it being a thing in tails to specifically not resize your browser window or only have it full screen to match a ton of other fingerprints.

Plus since it was a live distro that reset on every reboot it would only have the same fonts and other data as other people using tails. Honestly, I hate that all that info is even available to browsers and web sites at all.

[–] [email protected] 3 points 2 days ago (1 children)

Letterboxing has significantly reduced threat presented by window sizing. https://support.torproject.org/glossary/letterboxing/

[–] [email protected] 1 points 1 day ago (1 children)

I don't quite understand -- does this feature let you resize the window again to the size you want, and you are still sharing the same fingerprint with everyone else? Or do you still have to keep the browser window the default size to minimize your unique fingerprint?

[–] [email protected] 1 points 23 hours ago

It rounds the browser window to the nearest 100x100 window size. Using the default will likely be the biggest dataset to hide yourself in, but maximizing the window will still have some amount of obfuscation.

[–] [email protected] 5 points 2 days ago (1 children)

Tor browser is not Tor.

This is Tor https://en.m.wikipedia.org/wiki/Tor_(network)

Tor browser is an additional piece of software built on top of it. Using the network(what everyone else means when they say tor) is unfortunately not enough to prevent fingerprinting.

[–] [email protected] 3 points 2 days ago (1 children)

Good point, that difference does matter. I guess other browsers like Brave use the Tor Network, and it would be misleading to suggest Brave has good anti-fingerprinting.

What kind of fingerprint avoidance are you suggesting then that the Tor browser cannot do that makes a difference?

[–] [email protected] 4 points 1 day ago

If you enable JavaScript, you open Pandora's box to fingerprinting (e.g. tracking mouse movements, certain hardware details, etc). If you don't, half (or more) of the internet is unusable.

[–] [email protected] 3 points 2 days ago

No, it is not. Tor Browser != Tor. Get your shit right or be pwned.

[–] [email protected] 1 points 2 days ago

*Tor browse

Leave everything default and you'll look like every other Tor browser user.