Browser Fingerprinting and Online Privacy. We know who you are!

We have been writing about online privacy and covering tools that claim total privacy: Proxies, VPNs and similar software. But we did not think about this, that websites already know who you are! The method is known as Device Fingerprinting or Browser Fingerprinting. In this post, we’ll talk about what is Browser Fingerprint and then see if we have any methods to avoid the method of tracking or tracing you.

Browser Fingerprinting

Browser Fingerprinting

A collection of your data by websites you visit using any browser and identifying you based on that data is Bowser Fingerprinting. Almost every user of the Internet has different settings for his or her browser. Not only browser information, but it is also possible for websites to run a JavaScript or Flash script to know the type of the computer screen you own, fonts on the system, Cookies and so on.

But if you are using a Proxy and a VPN, do these things matter? A Proxy just changes your location. It does not add or remove extensions from your browser or change its settings. Likewise, a VPN too will not change your screen resolution and pixel depth. None of them can stop the website from querying the fonts installed on your computer or hide their sequence to make it look like a different computer.

In other words, they cannot modify or erase your Browser Footprints. Though there are options now, in most browsers to ask websites to Not Track you, the website(s) may or may not accept the request. You can also use some third-party tools to help in reducing, tracking and tracing you. They do work, but they cannot block queries coming from the websites.

Coming back to what is Browser Fingerprinting, there are third-party companies that take up the task of identifying you among millions of others visiting a particular site. Most of the data is obtained by querying your browser: The number of extensions, the installed extensions, browser settings, cookies you permitted to store on your computer and data like that. Some of the companies add a script to know your system configuration. In short, they first identify you and then track you, usually for profit!

Now that you know that websites can identify you using different methods, you might want to know how to escape this kind of snooping.

If you are inclined to, you can test your browser’s uniqueness by visiting this Panopticlick link. This site tells you how easy or tough would it be to figure out the browser fingerprints.

Read: Website Traffic Fingerprinting.

Avoid, disable Browser Fingerprints

Though there are some plugins for Chrome and Firefox that claim to do the task by randomly enabling and disabling add-ons, I do not think this can really work. It would further tell the websites about your browser using these specific plugins. Plus, they only enable or disable the other plugins, so the websites can always read what all plugins and extensions are present even if they are disabled.

You can manually add some plugins before starting the browsing session. And each time, you may remove them and add some other plugins. This too is not a solid answer to preventing or disabling browser fingerprints.

The main problem is that they can query your computer using Javascript or Flash code. A Flash code can give away good information about your system.

I am not sure, but I think I read somewhere that you can disable system querying by disabling Flash on your computer, as the websites use Flash scripting to query your computer. If any of you have information on this, please share.

Some might think that using InCognito or InPrivate mode might help. But without extensions, it is still giving a unique identity to your browser, “Hey, this is the guy who always uses InCognito mode… but I can read the extensions he has on his browser… wait, I can also see his browser settings“.

Among the several steps you could take to prevent or disable browser fingerprinting you could try these too:

  1. Disable JavaScript. Disabling JavaScript is a powerful defense against browser fingerprinting because it cuts off the code that websites use to detect plugins, fonts, use of supercookies, etc. But this could affect your browsing experiences.
  2. Use TorButton. It standardizes most browser characteristics and strings and can block JavaScript in the browser too. Plugins are available for browsers too.
  3. See how to block Canvas Fingerprinting in Chrome and Firefox.

This is what I could gather about browser fingerprinting. The only good news is that not many sites employ this technique – yet!

If you think I missed something or if you wish to add something, please share with us using the comment boxes.

Now read about Cross-browser fingerprinting and how to find out your Browser and Computer’s unique Fingerprint.

Posted by on , in Category Security with Tags

Arun Kumar is a Microsoft MVP alumnus, obsessed with technology, especially the Internet. He deals with the multimedia content needs of training and corporate houses. Follow him on Twitter @PowercutIN