Browser Fingerprinting and Online Privacy. We know who you are!

We have been writing about online privacy and covering tools that claim total privacy: Proxies, VPNs and similar software. But we did not think about this, that websites already know who you are! The method is known as Device Fingerprinting or Browser Fingerprinting. In this post, we’ll talk about what is Browser Fingerprint and then see if we have any methods to avoid the method of tracking or tracing you.

Browser Fingerprinting

Browser Fingerprinting

A collection of your data by websites you visit using any browser and identifying you based on that data is Bowser Fingerprinting. Almost every user of the Internet has different settings for his or her browser. Not only browser information, but it is also possible for websites to run a JavaScript or Flash script to know the type of the computer screen you own, fonts on the system, Cookies and so on.

But if you are using a Proxy and a VPN, do these things matter? A Proxy just changes your location. It does not add or remove extensions from your browser or change its settings. Likewise, a VPN too will not change your screen resolution and pixel depth. None of them can stop the website from querying the fonts installed on your computer or hide their sequence to make it look like a different computer.

In other words, they cannot modify or erase your Browser Footprints. Though there are options now, in most browsers to ask websites to Not Track you, the website(s) may or may not accept the request. You can also use some third-party tools to help in reducing, tracking and tracing you. They do work, but they cannot block queries coming from the websites.

Coming back to what is Browser Fingerprinting, there are third-party companies that take up the task of identifying you among millions of others visiting a particular site. Most of the data is obtained by querying your browser: The number of extensions, the installed extensions, browser settings, cookies you permitted to store on your computer and data like that. Some of the companies add a script to know your system configuration. In short, they first identify you and then track you, usually for profit!

Now that you know that websites can identify you using different methods, you might want to know how to escape this kind of snooping.

If you are inclined to, you can test your browser’s uniqueness by visiting this Panopticlick link. This site tells you how easy or tough would it be to figure out the browser fingerprints.

Read: Website Traffic Fingerprinting.

Avoid, disable Browser Fingerprints

Though there are some plugins for Chrome and Firefox that claim to do the task by randomly enabling and disabling add-ons, I do not think this can really work. It would further tell the websites about your browser using these specific plugins. Plus, they only enable or disable the other plugins, so the websites can always read what all plugins and extensions are present even if they are disabled.

You can manually add some plugins before starting the browsing session. And each time, you may remove them and add some other plugins. This too is not a solid answer to preventing or disabling browser fingerprints.

The main problem is that they can query your computer using Javascript or Flash code. A Flash code can give away good information about your system.

I am not sure, but I think I read somewhere that you can disable system querying by disabling Flash on your computer, as the websites use Flash scripting to query your computer. If any of you have information on this, please share.

Some might think that using InCognito or InPrivate mode might help. But without extensions, it is still giving a unique identity to your browser, “Hey, this is the guy who always uses InCognito mode… but I can read the extensions he has on his browser… wait, I can also see his browser settings“.

Among the several steps you could take to prevent or disable browser fingerprinting you could try these too:

  1. Disable JavaScript. Disabling JavaScript is a powerful defense against browser fingerprinting because it cuts off the code that websites use to detect plugins, fonts, use of supercookies, etc. But this could affect your browsing experiences.
  2. Use TorButton. It standardizes most browser characteristics and strings and can block JavaScript in the browser too. Plugins are available for browsers too.
  3. See how to block Canvas Fingerprinting in Chrome and Firefox.

This is what I could gather about browser fingerprinting. The only good news is that not many sites employ this technique – yet!

If you think I missed something or if you wish to add something, please share with us using the comment boxes.

Now read about Cross-browser fingerprinting and how to find out your Browser and Computer’s unique Fingerprint.

Download this VPN to secure all your Windows devices and browse anonymously
Posted by on , in Category Security with Tags
Arun Kumar is a Microsoft MVP alumnus, obsessed with technology, especially the Internet. He deals with the multimedia content needs of training and corporate houses. Follow him on Twitter @PowercutIN

10 Comments

  1. jjy74451

    The only extension I have found that reduces browser fingerprints tremendously is Firegloves for the Firefox browser. The problem with the extension is that it tends to break many other websites, so it isn’t all that useful. However, it is fun to enable it and go to panopticlick to see your fingerprint almost “disappear”!

  2. ny347

    Actually, FireGloves doesn’t work any more. Device Fingerprinting has evolved whereas FG has not. Read the warning by the developers about the staleness of FG’s protections or lack thereof. https://pet-portal.eu/blog/read/533/?set_language=eng

  3. Endlyss

    It’s really obnoxious and ironic how you are writing an article about avoiding fingerprinting, yet block content viewing for people with ad-blockers.

  4. Nothing ironic about it. To write the article I had to pay the author. To make the article available to users, I had to pay the Hosting company. To make the post available quickly I have to pay the CDN company. To keep the site protected, and consequently the readers too, I have to pay Sucuri company for their Enterprise plan. Yet some readers have no compunctions about using an Adblocker, and prefer to consume the content free, without even allowing the ads to load. I find that obnoxious, actually. 🙂

  5. You need to understand that this is HOW the Internet works. All these sites you visit, do you actually pay them? No, I thought not. How are they supposed to give you something, and you expect them to get nothing back? Who is going to pay for their power, and taxes, and enable them to buy food? If you have a better system, I am very interested. Complaining about something you know nothing about, does no one any good.

  6. There are better ways, to allow some sites and block others. But effective blocking must be at the operating system, or hardware level, not just on the browser. People just have no idea how complicated and layered the Internet is. Also, they are not willing, or incapable of learning.

  7. Endlyss

    Always funny to me when people disagree with something that I say, and for some reason that clicks the idea into their mind that I “know nothing about” the subject at hand.

    You have a different opinion about how the internet should work. That’s all.

    All I did was point out the irony of someone explaining how to avoid fingerprinting, and then forcing their readers to be exposed to the biggest form of fingerprinting on the internet (ads).

    There are plenty of ways to monetize one’s website that do not involve destroying user experience. Merchandise, sponsored articles, subscription services for return-visitors, sell courses, etc… Ads have become quite the passive, lazy, and most destructive way to monetize one’s website.

  8. Endlyss

    Of course you find it obnoxious. You’re one of the site owners.

    I’m not saying you don’t deserve any money for what you put on your website. I know what it takes to build websites, and I know what it takes to manage the content. You take a lot of time. But why does that matter to me, and why am I responsible for any of it, when I went to google, typed in a question, and was brought here to read maybe a paragraph of what I actually wanted to read.

    What I don’t get is why explore such a destructive form of monetizing the website, when there are tons of other ways to monetize it.

    Sell merchandise.
    Sell services.
    Sell sponsored articles.
    Sell subscriptions for return visitors.
    Sell courses/books.

    Yet you pick the one that takes the lowest amount of work and the least amount of time to implement, while not caring that it is the absolute most destructive form of monetizing one’s website in terms of user experience.

    Don’t oversell your regurgitated information, as if I (a random passerby from google) owe you anything for the paragraph that I read, while searching for something out of pure curiosity.

    That’s like me walking down the street, reading a note on a bulletin board, and then some dude to the side trying to charge me a dime for reading his flyer, because it cost him money to print it off.

    Monetize people who actually come back to your site regularly. Try to monetize random passerby’s by acting like they’re responsible for your content, just because they glanced at it? You’re going to get a lot of middle fingers that way.

  9. What I do on my site and how I choose to monetize my site is my business. If this is how you feel, I suggest you stop wasting my bandwidth and find some other site to spam!

  10. Zen

    U must be tard to pay money for such shity services, in my country its cheap as hell. Today most providers have unlimited bandwidth, just ROFL these arguments are so bad, if its so costly for you delete ur site pls, we dont need internet of ppl like u…this is just common bullshit & and pls delete this comment to show ur censorship of opinion coz its ‘democratic’ at least u will have some work to do..

Leave a Reply

Your email address will not be published. Required fields are marked *


8 + 6 =