I’ve been curiously questioning the uniqueness of browser fingerprints but the Electronic Frontier Foundation’s updated Panopticlick service shows you frighteningly how powerful they are.

Each time you request a web page with your browser, a lot of information is shared with the site owner to help the website publisher determine how best to display and customize content for your device. Advertisements are able to use this information to identify you and track your web activity across the Internet, beyond a single site.

Panopticlick tests your browser for fingerprinting and shares the results:

Panopticlick results from my fairly vanilla iOS Safari iPhone Browser

Then, I tested my desktop browser and clicked on the Fingerprint results:

EFF’s Panopticlick Fingerprinting Results

I was surprised and a bit shocked at how unique my browser is. I’ve even chose to black out some of the results above.

I was surprised to see how much the fonts that you’ve installed on your computer can aid in identifying you.

PixelPrivacy notes that “Panopticlick found that only 1 in 286,777 other browsers will share the same fingerprint as another user.” And that’s how my desktop browser showed up as well.

Here’s Panopticlick’s summary of the data our browser provide:

  • The user agent string from each browser
  • The HTTP ACCEPT headers sent by the browser
  • Screen resolution and color depth
  • The Timezone your system is set to
  • The browser extensions/plugins, like Quicktime, Flash, Java or Acrobat, that are installed in the browser, and the versions of those plugins
  • The fonts installed on the computer, as reported by Flash or Java.
  • Whether your browser executes JavaScript scripts
  • Yes/no information saying whether the browser accepts various kinds of cookies and “super cookies”
  • A hash of the image generated by canvas fingerprinting
  • A hash of the image generated by WebGL fingerprinting
  • Yes/no whether your browser is sending the Do Not Track header
  • Your system platform (e.g. Win32, Linux x86)
  • Your system language (e.g. en-US)
  • Your browser’s touchscreen support

Canvas and WebGl fingerprinting are super creepy. Essentially, the advertising tracking services draw a small picture from what’s on your display and then have the browser capture how that actually appears in pixels on your screen and then it can categorize much about your computer setup from this information.

There are browser extensions that attempt to disguise the identifying information your browser shares but there are limits to this practice as they can affect what you see on the screen.

Give Panopticlick a try yourself. You’ll be surprised at the outcome.

Posted by Jeff Reifman

Jeff is a technology consultant based in the Pacific Northwest.

Leave a reply

Your email address will not be published. Required fields are marked *