all messages for Emacs-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed
From: Tomas Nordin <tomasn@posteo.net>
To: Emanuel Berg <moasenwood@zoho.eu>, help-gnu-emacs@gnu.org
Cc: emacs-w3m@namazu.org
Subject: Re: Browser Fingerprinting
Date: Wed, 15 Apr 2020 21:19:40 +0200	[thread overview]
Message-ID: <873694mu9f.fsf@fliptop.i-did-not-set--mail-host-address--so-tickle-me> (raw)
In-Reply-To: <87lfmx8frv.fsf@ebih.ebihd>

Emanuel Berg via Users list for the GNU Emacs text editor
<help-gnu-emacs@gnu.org> writes:

> Here is an interesting article on so called "Browser
> Fingerprinting" [1]. This can be of some concern to
> people using uncommon browsers like Emacs-w3m.

I did this test at https://panopticlick.eff.org in 2017 with emacs w3m.
I was then unique among 216 118 browsers. I think the count is tested
browser the last N days. I did it again now and was unique among 175 561
browser the last 45 days with 17.42 bits of identifying information
(emacs w3m). Here are some more stats from that test:

                        Test                         Result
Is your browser blocking tracking ads?               ✓ yes 
Is your browser blocking invisible trackers?         ✓ yes 
Is your browser accepting Do Not Track commitments?  ✗ no  
Does your browser protect from fingerprinting?       ✗ no  

> Because Emacs-w3m doesn't support JavaScript, one should
> be safe from all that save for the cookies, but they can
> be be disabled with
>
>   (setq w3m-use-cookies nil)

didn't turn that off...

> Then there is also the User-Agent field in the HTTP
> request which browser supplies voluntarily.
> Because Emacs-w3m isn't the most common of browsers,
> this field can be used to identify YOU - possibly.
> Inhibit with
>
>   (setq w3m-add-user-agent nil)

Didn't do that.

> Now, check out the progress on [2] :)

Here I get

... full fingerprint is unique among the 1 936 960 collected so far.

> (The language is still "en" - however I don't think
> anyone can be tracked using that data...)
>
> Of course, the IP is still there, because otherwise the
> server won't know where to send the requested HTML.
> I think it is much more likely that tracking will be
> done using that, than the browser fingerprint!

Maybe. EFF explained to me at the time that browser fingerprinting is
more effective since IP can change over time and can be fiddled with
with VPN and so on. (Of course browser can change as well but anyway)

> But that's not a browser issue, people who look for that kind of
> anonymity will probably use VPN or Tor or be on some other *net
> altogether, besides the internet...
>
> Even if you feel you have nothing to hide, and you are
> not paranoid, it can be a good feeling not to give
> anything to these bozos anyway :)

Browser fingerprinting for tracking users ought to be illegal. It's just
wrong, no matter you have something to hide or not. Edward Snowden said
something I agree with -- saying that you don't care about privacy
because you don't have anything to hide is like saying you don't care
about freedom of speech because you have nothing to say.

Best regards
--
Tomas



  reply	other threads:[~2020-04-15 19:19 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-04-15  5:44 Browser Fingerprinting Emanuel Berg via Users list for the GNU Emacs text editor
2020-04-15 19:19 ` Tomas Nordin [this message]
2020-04-17  1:51   ` Emanuel Berg via Users list for the GNU Emacs text editor
2020-04-17  7:46     ` Tomas Nordin
2020-04-17  2:55   ` [emacs-w3m:13608] " Boruch Baum
2020-04-17  3:33     ` [emacs-w3m:13609] " Emanuel Berg
2020-04-17  8:15     ` [emacs-w3m:13607] " Tomas Nordin
2020-04-17  8:57       ` [emacs-w3m:13611] " Boruch Baum
2020-04-17  9:35         ` [emacs-w3m:13607] " tomas
2020-04-17 19:17           ` Vladimir Sedach
2020-04-17 21:08             ` Vladimir Sedach
2020-04-18  1:46               ` Emanuel Berg via Users list for the GNU Emacs text editor
2020-04-17 21:50           ` Emanuel Berg via Users list for the GNU Emacs text editor
2020-04-18  6:56             ` tomas
2020-04-18 10:12         ` Tomas Nordin
2020-04-19  1:26           ` Boruch Baum
2020-04-19  3:16           ` Emanuel Berg via Users list for the GNU Emacs text editor
2020-04-17  8:17     ` tomas
2020-04-17 19:31     ` Vladimir Sedach
2020-04-19  1:21       ` Boruch Baum

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=873694mu9f.fsf@fliptop.i-did-not-set--mail-host-address--so-tickle-me \
    --to=tomasn@posteo.net \
    --cc=emacs-w3m@namazu.org \
    --cc=help-gnu-emacs@gnu.org \
    --cc=moasenwood@zoho.eu \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/emacs.git
	https://git.savannah.gnu.org/cgit/emacs/org-mode.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.