Open Menu
AllLocalCommunitiesAbout
lotide
AllLocalCommunitiesAbout
Login

Websites Are Tracking You Via Browser Fingerprinting

⁨316⁩ ⁨likes⁩

Submitted ⁨⁨4⁩ ⁨days⁩ ago⁩ by ⁨handnutaschnitte@feddit.org⁩ to ⁨technology@lemmy.world⁩

https://engineering.tamu.edu/news/2025/06/websites-are-tracking-you-via-browser-fingerprinting.html

source

Comments

Sort:hotnewtop
  • hansolo@lemmy.today ⁨4⁩ ⁨days⁩ ago

    Headline should read “Websites have been tracking you by browser fingerprinting for 6 months.”

    source
    • MCasq_qsaCJ_234@lemmy.zip ⁨4⁩ ⁨days⁩ ago

      How effective is the TOR browser against CreepJS?

      source
      • hansolo@lemmy.today ⁨4⁩ ⁨days⁩ ago

        100%. They all look the same.

        source
  • rottingleaf@lemmy.world ⁨4⁩ ⁨days⁩ ago

    Things which were obvious for any paranoid I2P user 15 years ago, and were being discussed in Freenet 20 years ago, and by cypherpunks 30 years ago, are again new and unexpected.

    See, you can murder people in the open if you can make it comfortable enough for everyone to ignore it.

    Surveillance and censorship should be scarier, because without them you can cry out about the murderer or avoid strategic disadvantage against the murderer, but are not - most people haven’t been in real danger they understood. And even if they were - suppose that’s already happening, people are being murdered in the open, censorship and surveillance happen, and the latter causes more outrage, - we all can see nobody cares enough to pay with a few bruises for opposing it, not just their living, health, life.

    Here we are.

    source
    • homesweethomeMrL@lemmy.world ⁨4⁩ ⁨days⁩ ago

      I didn’t see anything about this in my facebook feed.

      /s

      source
  • Boddhisatva@lemmy.world ⁨4⁩ ⁨days⁩ ago

    Really bad headline. The actual article is about a study showing that browser fingerprinting is being used in real time in pricing target ads to your browser.

    To investigate whether websites are using fingerprinting data to track people, the researchers had to go beyond simply scanning websites for the presence of fingerprinting code. They developed a measurement framework called FPTrace, which assesses fingerprinting-based user tracking by analyzing how ad systems respond to changes in browser fingerprints. This approach is based on the insight that if browser fingerprinting influences tracking, altering fingerprints should affect advertiser bidding — where ad space is sold in real time based on the profile of the person viewing the website — and HTTP records — records of communication between a server and a browser.

    “This kind of analysis lets us go beyond the surface,” said co-author Jimmy Dani, Saxena’s doctoral student. “We were able to detect not just the presence of fingerprinting, but whether it was being used to identify and target users — which is much harder to prove.”

    The researchers found that tracking occurred even when users cleared or deleted cookies. The results showed notable differences in bid values and a decrease in HTTP records and syncing events when fingerprints were changed, suggesting an impact on targeting and tracking.

    Additionally, some of these sites linked fingerprinting behavior to backend bidding processes — meaning fingerprint-based profiles were being used in real time, likely to tailor responses to users or pass along identifiers to third parties.

    source
    • benignintervention@lemmy.world ⁨4⁩ ⁨days⁩ ago

      I have never been able to figure out how to block fingerprinting without entirely disabling my browser and it looks like the race to the bottom is accelerating

      source
      • reksas@sopuli.xyz ⁨4⁩ ⁨days⁩ ago

        maybe blocking it is the wrong way to go about though. Instead there should be some way to make the fingerprinting data worthless by having everyones browser constantly change things in the background so the fingerprint changes too

        source
        • -> View More Comments
  • frenchfryenjoyer@lemmings.world ⁨3⁩ ⁨days⁩ ago

    This isn’t new. Reddit is infamous for this too

    source
  • shneancy@lemmy.world ⁨4⁩ ⁨days⁩ ago

    i mean, yeah?

    the cookies you accept, the addons you have, hell, even the size of your monitor when you maximalise the window is a part of your browser fingerprint

    anyone who’s ever downloaded the Tor browser will know it. that browser screams at you if you try to maximalise or install addons exactly because of that

    source
  • fubarx@lemmy.world ⁨4⁩ ⁨days⁩ ago

    They were doing this a decade ago, to help track app marketing campaigns.

    IIRC, it turned out you could get pretty close to uniquely identifying a device with permutations on only 7 attributes. The problem is if you install a plugin to return false data, it could break non-malicious websites, like running games or data visualizations.

    source
    • qqq@lemmy.world ⁨4⁩ ⁨days⁩ ago

      Am I misunderstanding something? Wouldn’t that just be 7! = 5040 possibilities?

      source
      • Evkob@lemmy.ca ⁨4⁩ ⁨days⁩ ago

        You’re mistakenly assuming the attributes are binary, stuff like screen resolution, regions, languages all have many possible values to help narrow down and identify you. It really doesn’t take that many for you to be identifiable.

        source
        • -> View More Comments
  • homesweethomeMrL@lemmy.world ⁨4⁩ ⁨days⁩ ago

    Mullvad has a fork of Firefox they built with TOR (the organization, it does not route over TOR network). Includes NoScript and ublock origin and works by making all browsers the same ( so long as you don’t fsck with it).

    You don’t have to use it with their VPN but that’s good, too.

    My only complaint is it doesn’t support containers. Otherwise it’s wonderful.

    mullvad.net/en/browser

    source
    • Fijxu@programming.dev ⁨4⁩ ⁨days⁩ ago

      +1. Mullvad browser is the best when it comes to browse the clearnet (not Tor). Also, if anyone reading this, do not compile Mullvad browser yourself, only use the official binary from the Mullvad site (or the -bin variant if you use Arch Linux AUR) since from my testing, different compiled versions of Mullvad browsers come with different fingerprints.

      Using an optimized build from CachyOS and using it on CreepJS will give you a low amount of visits, same goes with the Flatpak build, but the binary from the Mullvad site gives around 2k views, which means that at least 2k people have the exact same fingerprint as you, but of course, it counts the people that have visited CreepJS to test their fingerprint. There is also fingerprint.com which seems to be wayyy more advanced.

      source
  • the_riviera_kid@lemmy.world ⁨4⁩ ⁨days⁩ ago

    They have been for years.

    source
  • Mwa@thelemmy.club ⁨4⁩ ⁨days⁩ ago

    This is why I use Firefox + Canvasblocker + ublock origin I try to disable Javascript if it isn’t required for functionality for the stuff am doing

    source
    • PunkRockSportsFan@fanaticus.social ⁨4⁩ ⁨days⁩ ago

      Noscript on my personal machines

      Marketers are a pox

      If you’re a marketer, fuck you get a real job.

      source
  • Lembot_0003@lemmy.zip ⁨4⁩ ⁨days⁩ ago

    Wow, epic slowpokes. Anti-light tier of slowpokeness.

    Tell them that the USSR is no more and people already were on the Moon. And the Earth is almost spherical. Just in case, you know, better be updated than sorry…

    source
  • MonkderVierte@lemmy.zip ⁨3⁩ ⁨days⁩ ago

    Lets you question how digital stalking is still allowed?

    source
  • theseer@lemmy.zip ⁨4⁩ ⁨days⁩ ago

    No shit

    source
  • TuxEnthusiast@sopuli.xyz ⁨4⁩ ⁨days⁩ ago

    I heard about a browser extension that could spoof fingerprints.

    source
    • Mwa@thelemmy.club ⁨4⁩ ⁨days⁩ ago

      Canvasblocker?

      source
      • TuxEnthusiast@sopuli.xyz ⁨4⁩ ⁨days⁩ ago

        Yes thank you

        source
  • altphoto@lemmy.today ⁨3⁩ ⁨days⁩ ago

    Could we just create random fingerprints each time the website was visited?

    source
    • SomethingBurger@jlai.lu ⁨3⁩ ⁨days⁩ ago

      Yes, but if the combine your fingerprint with your IP, they can see that there are 9 unique fingerprints and several others seemingly changing at random, ergo 10 people.

      source
  • fjordo@feddit.uk ⁨4⁩ ⁨days⁩ ago

    I really wish there was a foolproof way of preventing fingerprinting. Disabling JavaScript unfortunately isn’t really an option, no-one builds websites with progressive enhancement in mind these days.

    source
    • AceSLS@ani.social ⁨4⁩ ⁨days⁩ ago

      JShelter and uBO medium mode to the rescue. Pair that with Librewolf and you’re pretty secure against fingerprinting.

      source
      • fjordo@feddit.uk ⁨4⁩ ⁨days⁩ ago

        Thanks for recommending JShelter! I’ll add it to my list

        source
    • tux0r@feddit.org ⁨4⁩ ⁨days⁩ ago

      The more people disable JS, the more websites won’t require it.

      source
      • Ulrich@feddit.org ⁨4⁩ ⁨days⁩ ago

        It’s just unrealistic to expect any size of the population to even understand what JS is, much less understand why and how it’s problematic and even beyond that, how to disable it, and even further to expect them to walk away from the 90%+ of sites using it on the web.

        source
    • Mwa@thelemmy.club ⁨4⁩ ⁨days⁩ ago

      Same

      source
  • cupcakezealot@piefed.blahaj.zone ⁨4⁩ ⁨days⁩ ago

    privacy.resistFingerprinting

    source
    • tux0r@feddit.org ⁨4⁩ ⁨days⁩ ago

      Why is that even an option you can disable?

      source
      • jadelord@discuss.tchncs.de ⁨4⁩ ⁨days⁩ ago

        It is not the default because it can also break meaningful functionality.

        source
        • -> View More Comments
  • Fijxu@programming.dev ⁨4⁩ ⁨days⁩ ago

    Soooo, how do I access the full article? I have to pay? Lol

    source