So, browser fingerprinting?

Vidar

Vidar

Vidar

Soldato
Joined
18 Dec 2008
Posts
6,689
Location
Liverpool
So sat here in hospital with this potato of a laptop I'm trying to learn bits and bobs that interest me that I haven't made time for previously. I stumbled across an article about anonymity on the internet and browser fingerprinting not only being used by advertisement companies but by governments for snooping etc.

Now I use a VPN, especially here on a public network, and thought that I was safe but when checking sites like "am I unique" I find it pretty disturbing that while even behind a vpn just how much information these sites show as a warning. Processor, screen resolution, current browser and operating system you are using etc. The only thing they don't have is my actual IP address.

Surely then they either have access to more detailed personal information or it would be childs play for them to access it with how browsers are integrating with operating systems. Is there any real way to really protect yourself from this?
 
I'm afraid I don't have a guide. But I'd suggest installing Virtalbox (it's free). When you run it you create a new 'guest'. When you do so, you specify how many cores, how much RAM, how much disk space, etc, that you want to dedicate to it. The disk space is a virtual disk on your machine. Anything from 10gb onwards should be fine. Generally set the number of cores to half of what you have on your system and set RAM at 4gb onwards. I set my networking mode to 'bridged' which allows the VM to see the outside network on your machine (if you don't do this then the guest won't see the network).

Then download something like Linux Mint 19 Mate (there is a 'Cinnamon' version too but Mate is better on machines with lower specs). In Virtualbox find the tab for optical drive for your guest and then find the iso you downloaded. When you start the guest it will assume that iso is just like loading from a DVD drive or USB stick and start the install process. From this point onwards the installation is happening within the virtual machine so it only sees that. It can't see the rest of your laptop/PC. For example when it's formatting the hard drive it will only actually be formatting that virtual drive you gave it when setting up the guest. because of this it's almost impossible to hurt anything on your actual laptop. So it's an ideal way to play with things safely. If it really goes wrong then just delete the guest and start again :) When you first start the guest with the linux iso you'll be able to just use it, or actually install it with an icon on the left. You should install it.

The term host is used to refer to your physical machine which hosts the guest.
The term guest refers to the virtual machine being run inside that host.

The guest will be a little slower than your main machine. But they are great ways of playing around with new operating systems.

For info, Mint is the name of a particular Linux distribution. There are hundreds of distros but Mint is generally regarded as one that's quite similar to Windows which is why I recommended that one. I use it on this laptop. Cinnamon and Mate (pronounced (mah tay) are 'desktop environments'. Unlike Windows you can choose different back ends and front ends with Linux. One of the major benefits of Linux is you can find a front end (the actual UI that you see and use) and customise it hugely. It's also a disadvantage for new users because having choice can be confusing. With Windows you get what MS give you (and that's the same with Apple). But with Linux you can install a huge variety of desktop environments to make it look similar to Windows, or similar to MacOS, or completely different. I'd recommend Mint Mate in this case because Mate is designed for lower spec computers (and you'll be giving the guest less resources than the laptop has so it needs to be able to run on that). Mint itself is geared towards people familiar with Windows.
 
Last edited:
Vidar said:
Now I use a VPN, especially here on a public network, and thought that I was safe but when checking sites like "am I unique" I find it pretty disturbing that while even behind a vpn just how much information these sites show as a warning. Processor, screen resolution, current browser and operating system you are using etc. The only thing they don't have is my actual IP address.

Surely then they either have access to more detailed personal information or it would be childs play for them to access it with how browsers are integrating with operating systems. Is there any real way to really protect yourself from this?
Click to expand...

Seems a bit "tin-foil hat", surely all of the information you've mentioned is largely needed just to get web pages to display correctly.
E.g.
- OS/Browser needed in order to ensure formatting correct due to different browser rendering engines
- Screen resolution, needed in order to ensure appropriate formatting e.g. when viewing on a mobile (including re-formatting when screen changes orientation), or even just an older PC rather than "standard" 1080P that's largely in use today

Some more information here:
https://www.w3.org/TR/2010/WD-system-info-api-20100202/
 
Thanks guys,

@Armageus perhaps you are right but as I read somewhere that even off this info you are identifiable as the likely hood of someone running the exact same set up ad you is slim and companies could develop a snap shot of who you are.

For me having a very limited understanding of programming that someone might be able to see more valuable data such as who the os is registered to.
 
I just run privacy extensions in Firefox, like DecentralEyes, Privacy Badger, Ublock and HttpsEverywhere.

The browser is set to wipe all cookies after closing, including logins. I use a VPN and select different locals every session.

Imo this is enough. I’m more worried about the data Microsoft and google collect. I use alternative private search engines and email providers, and I’ve done extensive registry editing, IP and application blocking, and have disabled as many processes as possible.

I don’t use Microsoft security offerings either; I use glasswire and whatever top AV is on offer when it comes to renewal. I backup using EaseUS ToDo.

Big data is everyone’s focus these days, and I want my data as secure as possible; I’ve even stopped using sites like the Rainforest. The more personal data companies collect, the more of your information is at risk to security breaches. It’s one of the reasons I loathe the approach the government takes to centralised data these days.
 
Last edited:
You must log in or register to reply here.
Back
Top Bottom