Ya' know.....with CSS, I can control the size of those same elements on the screen.....and the color.....and this will bring down civilization as we know it.
That is interesting, but as I mentioned earlier in this thread, I do think he is wrong in his conclusion. His work is fine, though old, and I do understand the fun of making blog posts like that - but he is still grandstanding.
Not intending to get into an argument here, but I think the issue is that what that guy is saying doesn't work. At all. He is just plain wrong about that having a practical use in identifying a Tor user. There is nothing "lesser" about it. It's an unfortunate aspect of "nerd" culture, but some love to puff up their chests and announce vulnerabilities in Tor. Only a few pan out and get fixed. Nobody is going to look at this one. There was some discussion among programmers, but most of it was just rolling of eyes.
It's a lesser issue than getImageData(), so I mis-stated that.
I kind of like FF for the ability to set some of these things. Lord knows what's setup in Chrome, for instance. Hmmm, I notice TOR project didn't select them (or Chromium) for their TorBrowser. Hmmmm.
Not intending to get into an argument here, but I think the issue is that what that guy is saying doesn't work. At all. He is just plain wrong about that having a practical use in identifying a Tor user. There is nothing "lesser" about it. It's an unfortunate aspect of "nerd" culture, but some love to puff up their chests and announce vulnerabilities in Tor. Only a few pan out and get fixed. Nobody is going to look at this one. There was some discussion among programmers, but most of it was just rolling of eyes.
The new study, which was conducted using an open-source tool, also uncovered a stealthy new technique used by some small tracking companies that exploits the way browsers process audio, using it to "fingerprint" computers so they can be tracked ...
**sigh** ...
...
You know those images you get in your email? When you open them, your email client has to fetch them from a server somewhere. Because you fetched the image, I know you opened the email. Does that make you duck and run for cover? (Actually, I don't do this) ...
...
With audio, I can tell what kind of browser you are using! If you play my .ogg files, I know you're using Firefox! And if I know you're using Firefox, I'll serve you .ogg files instead of .mp4!!! OMG!!!!!
EDIT: Just saw the fingerprinting test page. It shows that I can find the audio capabilities of your audio system. Is this world coming to an end?
This whole thread is about every tech out there is out to get you and, as one who uses most of the tech on a daily basis, I'm here to let anyone know that, as one who writes code that uses this tech, most of it is tin hat worry.
Totally agree. As I so said.
Some people cannot stand other opinions other than their own. Even worse is it, when facts are denied.
Some people, and the same people, are pushing one point of view and don't want to hear anything else. Going to the point of calling people "trolls"
I would like to reduce my fingerprint.
They act like the "boogie man" is around every corner and hiding behind every line of code and spend every waking moment looking for such things cause "they" are out to get them.
But, like the kids on reddit, I learned long ago you can't educate such people just like in politics and religion. They'll go on about it amongst their small group till they grow tired of it and move on to another thread about the same thing. So I regret responding to this. I should have known better.
A provision snuck into the still-secret text of the Senate’s annual intelligence authorization would give the FBI the ability to demand individuals’ email data and possibly web-surfing history from their service providers without a warrant and in complete secrecy.
If passed, the change would expand the reach of the FBI’s already highly controversial national security letters. The FBI is currently allowed to get certain types of information with NSLs—most commonly information about the name, address, and call information associated with a phone number or details about a bank account.
There are ways to fix it?
With FreeBSD, there's yet another obstacle. The FreeBSD network stack is identifiable by itself. Most ad servers can identify whether or not it's FreeBSD, Linux, GoogleOS, or Windows (they each have different packet fingerprints). Look up OS fingerprinting. So, if your user-agent string says Mac, but your tcp/ip stack says FreeBSD, you're gonna be unique in the catalogue of the ad-spammer. Sorry to say.
Fingerprinting is actually a slightly misleading word in the context of "OS fingerprinting", as it is not unique like a person's fingerprint, only identifying a generic OS variant (e.g. FreeBSD 10.x). It would be like the entire global population sharing 244 sets of fingerprints. See /etc/pf.os for examples of the level of detail provided by the OS fingerprinting supplied as part of PF. It's handy for things like sending all incoming SMTP connections from Windows into a tarpit, but that's about it. In the hands of an advertising network, about the worst that will happen is you'll see more Cisco, O'Reilly, network management, and server hosting adverts.
I do not believe that it is not used as much as possible. All the possible ways. It brings great profit money
As far as OS fingerprinting goes, it shouldn't really be a major concern. It does not identify a unique machine, there's no tracking enabled by it.
That's the problem, that FreeBSD's generic fingerprint is already very unique in the context "Surfing the Internet on FreeBSD desktop"
If you try to defeat OS fingerprinting, there are two significantly likely negative outcomes: 1) you actually give your machine a unique and trackable fingerprint instead of a generic fingerprint; and/or 2) you significantly harm the operation (security, performance, features, standards compliance) of your network stack. I strongly caution against misguided attempts to defeat OS fingerprinting, especially if you don't fully understand the things you might be tinkering with.
4:64+0:0:1460:65535,6:mss,nop,ws,sok,ts:df:0
4:64+0:0:1460:65535,0:mss:df:0
Of course it is used in combination with other data. In addition, one value may be 80% of visitors (win), other 0.01%.
Fingerprinting is actually a slightly misleading word in the context of "OS fingerprinting", as it is not unique like a person's fingerprint, only identifying a generic OS variant (e.g. FreeBSD 10.x). It would be like the entire global population sharing 244 sets of fingerprints. See /etc/pf.os for examples of the level of detail provided by the OS fingerprinting supplied as part of PF. It's handy for things like sending all incoming SMTP connections from Windows into a tarpit, but that's about it. In the hands of an advertising network, about the worst that will happen is you'll see more Cisco, O'Reilly, network management, and server hosting adverts.
True! And thanks for the link.
That's the problem, that FreeBSD's generic fingerprint is already very unique in the context "Surfing the Internet on FreeBSD desktop"
Also, the value of uptime can be recorded: http://lcamtuf.coredump.cx/p0f3/ , section 4
I could be wrong, but in this case
less additional options = more security
Some optimization, that added these options is not significant for desktop machine, I think
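Added example, not part of any post in this thread: the two signatures quoted above read as p0f v3 raw TCP signatures, so this parser assumes the p0f3 field order `ver:ittl+dist:olen:mss:wsize,scale:olayout:quirks:pclass` and reports which fields change when the extra TCP options are dropped. The names `TcpSig`, `parse_sig`, `diff`, `exposes_uptime`, `FULL` and `BARE` are made up for this illustration.

```python
from dataclasses import dataclass, fields


@dataclass(frozen=True)
class TcpSig:
    ver: str        # IP version
    ittl: int       # initial TTL inferred by the observer
    dist: int       # hop distance added back to reach ittl
    olen: int       # length of IP options
    mss: str        # maximum segment size
    wsize: str      # window size
    scale: str      # window scale factor
    olayout: tuple  # TCP options, in the order they appeared
    quirks: tuple   # header quirks such as "df"
    pclass: str     # payload size class


def parse_sig(raw):
    """Parse one raw signature line (field order is an assumption, see lead-in)."""
    parts = raw.strip().split(":")
    if len(parts) != 8:
        raise ValueError(f"expected 8 colon-separated fields, got {len(parts)}")
    ver, ttl, olen, mss, win, olayout, quirks, pclass = parts
    ittl, _, dist = ttl.partition("+")
    wsize, _, scale = win.partition(",")
    split = lambda s: tuple(x for x in s.split(",") if x)
    return TcpSig(ver, int(ittl), int(dist or 0), int(olen), mss, wsize, scale,
                  split(olayout), split(quirks), pclass)


def diff(a, b):
    """Return {field: (value_in_a, value_in_b)} for every field that differs."""
    return {f.name: (getattr(a, f.name), getattr(b, f.name))
            for f in fields(a) if getattr(a, f.name) != getattr(b, f.name)}


def exposes_uptime(sig):
    # Uptime estimation relies on the TCP timestamp option being present.
    return "ts" in sig.olayout


# The two signatures exactly as quoted in the thread.
FULL = parse_sig("4:64+0:0:1460:65535,6:mss,nop,ws,sok,ts:df:0")
BARE = parse_sig("4:64+0:0:1460:65535,0:mss:df:0")

if __name__ == "__main__":
    for name, (full, bare) in diff(FULL, BARE).items():
        print(f"{name}: {full} -> {bare}")
    print("timestamp option present:", exposes_uptime(FULL), exposes_uptime(BARE))
```

The trimmed signature no longer carries the timestamp option, but it is still a complete signature in its own right that an observer can match or count like any other.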