EFF Panopticlick Profiles Your Browser and Finds Unique Ways to Identify You

I just tried the Electronic Frontier Foundation's (EFF.org) new browser fingerprinting website, Panopticlick.eff.org. It is a web page that collects data from your web browser and creates a new type of device fingerprint. It compares that fingerprint to a database of all other devices that have visited the web page, and then tells you how unique your browser fingerprint is. Almost 1 million people have visited the website.

Concerningly, I visited with my Safari browser on a Mac. The web page says that my browser is uniquely identified out of 909,639 tested so far. My browser has a fingerprint that conveys at least 19.79 bits of identifying information.

It appears that the fingerprint includes the list of plug-ins installed in your browser, as well as which fonts your browser uses, your timezone, screen size, etc. This is new information for fingerprinting a device, as typical fingerprinting has included IP addresses, browser type, language, computer platform, cookies, etc.

What this means is that device fingerprinting can be used to identify individual users across websites, independent of traditional tracking such as web browser cookies and Flash cookies.

The EFF gives some recommendations for avoiding browser profiling-based tracking. The prime way to do this is to make your browser look similar to everyone else’s browsers.
1. Use a “standard” widely used browser with “standard” computer settings.
2. Disable JavaScript, and consider using a JavaScript blocking tool like NoScript.
3. Use TorButton to spoof your browser’s identification string to websites.
4. Use the “private browsing” features of your web browser.
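
As an added example (not code from the EFF or from the original post), the following shows why being unique among 909,639 browsers corresponds to about 19.79 bits, and why a configuration shared with other visitors yields fewer bits than a customised one. The visitor records and attribute names are constructed for illustration.

```javascript
// Constructed sample population (not Panopticlick data); attribute names are assumptions.
const ATTRS = ["plugins", "fonts", "timezone", "screenSize"];
const visitors = [
  ["flash", "default", "-480", "1280x800"],
  ["flash", "default", "-480", "1280x800"],
  ["flash", "default", "-480", "1440x900"],
  ["flash", "default", "-300", "1280x800"],
  ["flash", "default", "-300", "1440x900"],
  ["flash,quicktime", "default", "-300", "1280x800"],
  ["flash,quicktime", "default+extra", "0", "1440x900"],
  ["flash,quicktime,silverlight", "default+extra", "-480", "1920x1200"],
].map(row => Object.fromEntries(row.map((value, i) => [ATTRS[i], value])));

// Self-information in bits of a value seen `matches` times among `total` visitors.
function surprisalBits(matches, total) {
  if (matches < 1 || matches > total) throw new RangeError("matches must be in 1..total");
  return Math.log2(total / matches);
}

// Visitors that share the target's value on every listed attribute (the anonymity set).
function anonymitySet(population, target, attrs) {
  return population.filter(v => attrs.every(a => v[a] === target[a]));
}

// Identifying information carried by the chosen attributes of one visitor.
function fingerprintBits(population, target, attrs = ATTRS) {
  return surprisalBits(anonymitySet(population, target, attrs).length, population.length);
}

// Per-attribute and combined bits for one visitor.
function report(population, target) {
  const rows = ATTRS.map(a => [a, fingerprintBits(population, target, [a])]);
  rows.push(["combined", fingerprintBits(population, target)]);
  return rows;
}

// A fingerprint seen once among 909,639 browsers carries log2(909639) bits.
console.log("unique among 909,639:", surprisalBits(1, 909639).toFixed(2), "bits");
// The customised browser is alone in its anonymity set; the common one is not.
console.log("customised browser:", report(visitors, visitors[7]));
console.log("common configuration:", report(visitors, visitors[0]));
```

The larger the anonymity set a browser falls into, the fewer bits its fingerprint conveys, which is the reasoning behind the recommendation to look like everyone else's browser.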