My intent in trying to redirect to plug-talk was to merge with the somewhat larger conversation there, rather than bifurcating.
-- Russell Senior [email protected] On Sun, Feb 26, 2023 at 5:00 PM Ben Koenig <[email protected]> wrote: > Discussions regarding the technical implementation of device > fingerprinting are perfectly on topic IMO. > > The ethical nature of such technology is another subject of debate and is > probably better on plug-talk. Conversations like this can split both ways ;) > > My somewhat toxic rant largely revolves around the articles blatant > misunderstanding of how anonymity works. He made a perfectly sane statement > about data collection/aggregatioon and then proceeded to make a completely > contradictory claim. > -Ben > > > ------- Original Message ------- > On Sunday, February 26th, 2023 at 4:08 PM, Russell Senior < > [email protected]> wrote: > > > > Although the idea of browser fingerprinting was not new to me, I did find > > the link to https://panopticlick.eff.org/ interesting and somewhat > > illuminating. > > > > Followups should (?) probably go to plug-talk. > > > > -- > > Russell Senior > > [email protected] > > > > On Sun, Feb 26, 2023 at 3:42 PM Ted Mittelstaedt [email protected] > > > > wrote: > > > > > Unfortunately my experience in "technical blog posts" is that most of > them > > > are crap, they are put together by people who run scraping software > that > > > rips off content from other people's sites then assembles it to try to > make > > > money off advertising on their sites. > > > > > > Unless the technical post is part of a forum that has a lot of > > > participation on it to where people with more knowledge/experience can > > > either add to it or refute it, usually it's just not that good. > > > > > > Ted > > > > > > -----Original Message----- > > > From: PLUG [mailto:[email protected]] On Behalf Of Ben > > > Koenig > > > Sent: Sunday, February 26, 2023 1:19 PM > > > To: Portland Linux/Unix Group [email protected] > > > Subject: Re: [PLUG] [PLUG-TALK] How do web servers identify visitor > > > devices? > > > > > > None of this is news. That entire blog post looks like it written to > > > appeal to someone who spent the last 30 years not asking how the > internet > > > works then freaking out after realizing what is possible. No joke, I > read > > > the following quote from that article and nearly fell out of my chair. > > > > > > "What’s ironic about device fingerprinting is that the more > > > privacy-centered add-ons you install on your browser (e.g. Privacy > Badger, > > > Do Not Track Me, Ghostery to name a few) in a bid to protect the > remnants > > > of your privacy, the easier it becomes to identify you because of the > > > uniqueness of your browser’s configuration." > > > > > > ROFLMAO. It's so brilliantly stupid that it cannot be refuted by > logical > > > means. That whole article is an accurate example of human intelligence > > > after decades of inadvertent lead exposure. Nice. > > > > > > -Ben > > > > > > ------- Original Message ------- > > > On Sunday, February 26th, 2023 at 10:21 AM, Ted Mittelstaedt < > > > [email protected]> wrote: > > > > > > > Why is this even necessary to look at nonsense like the plugins, both > > > > HP, Dell, and Lenovo computers make their motherboard serial numbers > > > > available via BIOS calls and those serial numbers are unique. Hard > disks > > > > also have unique serial numbers and of course the LAN MAC addresses > and > > > > Bluetooth BD_ADDR are unique. The machine's ARP cache is not > protected > > > > either so if they really want to fingerprint they can look at the > netmask > > > > in use, setup a loop and ping every IP in the network then pull all > the MAC > > > > addresses out of the ARP cache and then if they really want to get > clever > > > > they can match the MACs and see if any other machines on the local > network > > > > that they have fingerprints for are online. > > > > > > > > The entire hoo-ha over Intel putting serial numbers in it's CPUs a > few > > > > years back was complete baloney, a red herring to distract the > masses. > > > > > > > > The clearcode article is just barely scraping the surface and what > they > > > > say is being collected sounds like amateur hour. > > > > > > > > Ted > > > > > > > > -----Original Message----- > > > > From: PLUG [mailto:[email protected]] On Behalf Of > > > > Michael Rasmussen > > > > Sent: Saturday, February 25, 2023 10:46 AM > > > > To: Portland Linux/Unix Group [email protected] > > > > > > > > Subject: Re: [PLUG] [PLUG-TALK] How do web servers identify visitor > > > > devices? > > > > > > > > Fingerprint computes avail themselfs to a variety of items that, > taken > > > > together, come close to uniquely identifing your computer. > > > > > > > > From: > > > > > > > https://clearcode.cc/blog/device-fingerprinting/#What-information-is-collected-to-create-a-device-fingerprint > > > > > > > They list: > > > > > > > > * IP address > > > > * HTTP request headers > > > > * User agent string > > > > * Installed plugins > > > > * Client time zone > > > > * Information about the client device: screen resolution, touch > support, > > > > operating system and language > > > > * Flash data provided by a Flash plugin > > > > * List of installed fonts > > > > * Silverlight data > > > > * List of mime-types > > > > > > > > For more information you can check out the description of it on > > > > Wikipedia: > > > > > > > > https://en.wikipedia.org/wiki/Device_fingerprint > > > > > > > > * Timestamp > > > > * > > > > > > > > -- > > > > > > > > Michael Rasmussen > > > > Be Appropriate && Follow Your Curiosity >
